Hello guys, is there any chance to get into hacked device and dump actual configuration?
I regret to tell you that that one of my RB3011 has been hacked this week even though it has ROS 6.43.4 on it and recommended security measures was applied (winbox access is restricted only from LAN).
Unfortunately the thing is that I only performed upgrade each time, because I simply didn't see any evidence of changed configuration in the exported script from older ROS version.
Therefore, it would be pretty interesting for all of us, what is behind the "scenes".
Currently Winbox login does not work, nor ssh.
Thank you for your help.