Community discussions

 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Winbox v3.16 released!

Mon Jul 02, 2018 2:35 pm

What's new in v3.16:

*) added back support for connecting to older RouterOS v6 versions;
*) fixed crash when connecting to newest RouterOS on MacOS wine;

If you experience version related issues, then please report them to support@mikrotik.com.

Winbox is available here:
http://www.mikrotik.com/download

If you try to upgrade directly from Winbox loader and version is not available, then you might need to wait for a while until cache in path between your device and our servers is refreshed.
 
Spidlacz
just joined
Posts: 4
Joined: Wed May 16, 2018 3:39 pm

Re: Winbox v3.16 released!

Mon Jul 02, 2018 4:20 pm

It still remains a problem when I run Winbox with the parameters. Winbox looks for neighbors even if there is no reason to do so.
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1110
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Winbox v3.16 released!

Mon Jul 02, 2018 4:58 pm

*) added back support for connecting to older RouterOS v6 versions;
Does this mean that Winbox is again able to download and execute DLLs received from external sources?
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
R1CH
Forum Veteran
Forum Veteran
Posts: 883
Joined: Sun Oct 01, 2006 11:44 pm

Re: Winbox v3.16 released!

Mon Jul 02, 2018 5:28 pm

Hopefully it uses a whitelist approach and only executes DLLs with known hashes.
 
Sob
Forum Guru
Forum Guru
Posts: 4527
Joined: Mon Apr 20, 2009 9:11 pm

Re: Winbox v3.16 released!

Mon Jul 02, 2018 7:19 pm

It's only older RouterOS v6. WinBox 3.15 didn't work with e.g. RouterOS 6.19 (probably others too). WinBox 3.16 works again. And no, support for dll-based versions didn't come back.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply.
 
rtucci
just joined
Posts: 1
Joined: Thu Jan 11, 2018 7:44 pm
Location: Switzerland

Re: Winbox v3.16 released!

Wed Jul 04, 2018 8:17 pm

Since Winbox v3.15 (also in v3.16), the "Quick Set" window is messed up. v3.14 shows the window as expected.
I'm using Windows 10 Pro Version 1709.
I've tried clearing the cache but this didn't make a difference.

Finally problem was fixed by deleting %AppData%\Roaming\Mikrotik\Winbox folder.
Last edited by rtucci on Thu Jul 19, 2018 3:26 pm, edited 1 time in total.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1813
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: Winbox v3.16 released!

Thu Jul 05, 2018 7:56 am

I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
Kindis
Member Candidate
Member Candidate
Posts: 245
Joined: Tue Nov 01, 2011 6:54 pm

Re: Winbox v3.16 released!

Thu Jul 05, 2018 9:43 am

I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.
I would go even further and say please rewrite all to a Progressive WebApp (PWA). That will make it OS independent and also adjust better to screen size. Would also make the admin tool a lot more modern.
 
chojrak11
Member Candidate
Member Candidate
Posts: 129
Joined: Sun Apr 05, 2009 10:37 am

Re: Winbox v3.16 released!

Thu Jul 05, 2018 10:33 am

I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.
How did you guess they have any problem with this framework? :)
They just have more important priorities than "rewrites" of GUI tools. Like for example providing us with working WPA3 or adding features to RouterOS.
Green developers in their mid-20s would rewrite everything with no reason...
I would go even further and say please rewrite all to a Progressive WebApp (PWA). That will make it OS independent and also adjust better to screen size. Would also make the admin tool a lot more modern.
It'd be the worst decision ever made. Don't go that way, Mikrotik. I value the very lightweight tools you provide, their instant response times, low network requirements and high GUI update speeds. Web cannot provide that and you're gonna drown in endless JavaScript framework crap work and costly HTTP/Json garbage. Plus, instead of being 1.5 MB in size, it's going to be at least 500 MB. Please, don't even think about wasting your time with Electron or PWAs.
 
complex1
just joined
Posts: 17
Joined: Wed Jan 04, 2017 9:55 pm

Re: Winbox v3.16 released!

Thu Jul 05, 2018 10:53 am

@chojrak11

+1
Kind regards,
Frank.
 
freemannnn
Long time Member
Long time Member
Posts: 657
Joined: Sun Oct 13, 2013 7:29 pm

Re: Winbox v3.16 released!

Thu Jul 05, 2018 10:59 am

@chojrak11

+1
 
User avatar
vecernik87
Long time Member
Long time Member
Posts: 642
Joined: Fri Nov 10, 2017 8:19 am

Re: Winbox v3.16 released!

Thu Jul 05, 2018 11:04 am

JS dev here: Despite being fan of these PWA, electron and web technologies, this should be a no-go for manufacturer. Let them focus on CLI and API. Then, anyone can write web-like-interface, if he thinks it is going to be useful.
 
Sob
Forum Guru
Forum Guru
Posts: 4527
Joined: Mon Apr 20, 2009 9:11 pm

Re: Winbox v3.16 released!

Thu Jul 05, 2018 3:19 pm

Don't touch my WinBox, or else! I don't know yet what else, I'm thinking about perhaps some haunting in dreams, which I can't do currently, but to avenge WinBox, I'd learn! :twisted:
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply.
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Thu Jul 05, 2018 3:46 pm

Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
With a global address as gateway there is not cpu usage.
In the meantime everything stops updating in Winbox (all other windows don't show new info)

If I leave it open for over a few seconds winbox will disconnect completely from the router.

v3.14 works without any issues.


Oh, and I agree. Don't you dare change Winbox to some stupid Electron app. Winbox is perfect as it is. We DON'T want it to change.
 
fatonkastrati
just joined
Posts: 2
Joined: Fri Jul 06, 2018 1:27 pm

Re: Winbox v3.16 released!

Fri Jul 06, 2018 1:36 pm

Hello everybody,
Nowadays I have problem connecting remotely as a user to mikrotik using winbox. Also problem to connect with webfig. In some Public IPs it works but in majority of them not. Do anybody have any informations about this issue?
The request of winbox is: could not connect to....IP!

Thanks,
Faton
 
User avatar
karlisi
Member Candidate
Member Candidate
Posts: 246
Joined: Mon May 31, 2004 8:09 am
Location: Latvia

Re: Winbox v3.16 released!

Fri Jul 06, 2018 2:42 pm

Hello everybody,
Faton
Start new topic, please! This is for problems with Winbox v3.16 only!
---
Karlis
 
User avatar
Steveocee
Forum Guru
Forum Guru
Posts: 1085
Joined: Tue Jul 21, 2015 10:09 pm
Location: UK
Contact:

Re: Winbox v3.16 released!

Mon Jul 09, 2018 5:19 pm

Don't touch my WinBox, or else! I don't know yet what else, I'm thinking about perhaps some haunting in dreams, which I can't do currently, but to avenge WinBox, I'd learn! :twisted:
+1 (except a little bit more passive aggressively)
Steve "Steveocee" Carter
PC Gamer, Airsofter, MikroTik Nerd
My Website - My MikroTik Tutorials
 
R1CH
Forum Veteran
Forum Veteran
Posts: 883
Joined: Sun Oct 01, 2006 11:44 pm

Re: Winbox v3.16 released!

Mon Jul 09, 2018 7:56 pm

Winbox self-update is still vulnerable to MITM to execute arbitrary code. (ref: ticket 2018052822004611)
 
Kraken2k
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Wed Oct 01, 2014 1:50 pm
Location: Prague

Re: Winbox v3.16 released!

Tue Jul 10, 2018 2:54 pm

The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
 
User avatar
pietroscherer
Trainer
Trainer
Posts: 158
Joined: Thu Mar 05, 2015 3:05 pm
Location: RS, Brazil
Contact:

Re: Winbox v3.16 released!

Wed Jul 11, 2018 2:16 pm

The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
The same here, running Crossover / MacOS.
Pietro Scherer
http://www.tchesolutions.com.br [ISPs Consulting and Training]
http://www.routermage.com [Backup and Automation System]
:D
 
colinardo
just joined
Posts: 8
Joined: Sun Jan 08, 2017 9:02 pm

Re: Winbox v3.16 released!

Wed Jul 11, 2018 5:54 pm

Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
Have the same symptom here in the CAPsMAN Channel-List. Sometimes when copying channel and editing either frequency name or other items for that channel, the dialog freezes and does not respond to entries (Win7 x64).

Best regards
@colinardo
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Wed Jul 11, 2018 6:04 pm

I would welcome when the winbox-router connection is a little more patient in cases of network loss.
With brief network interrups, like an intermediate router rebooting or an access point re-associating or a PPPoE connection being re-made, the open winbox windows all fall back to the connection screen.
It would be nice when there was a configurable timeout or some option for patience in case of "network unreachable" replies. It could come back soon :-)
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Wed Jul 11, 2018 6:08 pm

I would welcome when the winbox-router connection is a little more patient in cases of network loss.
With brief network interrups, like an intermediate router rebooting or an access point re-associating or a PPPoE connection being re-made, the open winbox windows all fall back to the connection screen.
It would be nice when there was a configurable timeout or some option for patience in case of "network unreachable" replies. It could come back soon :-)
+1

Especially now with winbox 3 that completely hides the whole window when disconnected so you cannot see what was happening at the time that got disconnected.

Winbox 2 would keep the window open with all windows inside as they were at the time of the disconnection (and rarely would completely exit on disconnect).
 
User avatar
amt
Long time Member
Long time Member
Posts: 525
Joined: Fri Jan 16, 2015 2:05 pm

Re: Winbox v3.16 released!

Thu Jul 12, 2018 8:37 am

The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
same... every one have this problem ?
 
npero
Member
Member
Posts: 316
Joined: Tue Mar 01, 2005 1:59 pm
Location: Serbia

Re: Winbox v3.16 released!

Thu Jul 12, 2018 10:40 am

Confirm some problem.
 
sid5632
Member
Member
Posts: 349
Joined: Fri Feb 17, 2017 6:05 pm

Re: Winbox v3.16 released!

Thu Jul 12, 2018 11:30 am

same... every one have this problem ?
Yep...
 
User avatar
alexvdbaan
Trainer
Trainer
Posts: 38
Joined: Sun Feb 22, 2015 12:12 pm
Location: Amsterdam, Netherlands
Contact:

Re: Winbox v3.16 released!

Mon Jul 16, 2018 9:49 am

The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
same... every one have this problem ?
I have a CCR1009 (6.42.5) with a routed subnet connected through a cable connection and a fiber line through PPPoE. When I connect to my PPPoE fiber I get the 30 seconds disconnect. I also notice that my winbox stats (time/cpu/uptime) all remain on 00:00:00. When I connect to my cable connection on the same box this issue doesn't appear, my connection remains stable and I receive the winbox stats after 2 seconds. I also tested this on a RB3011 with 6.40.8 and fiber PPPoE, same issue: no stats and 30 second disconnect.

When downloading winbox 3.12 my connection to the PPPoE connections remain stable and I receive my winbox stats immediately, this goes for the CCR1009 & the RB3011
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Mon Jul 16, 2018 10:51 am

That could well be an MTU issues. Those routed subnets on cable are in fact delivered as a VPN and have quite low MTU, like 1456 or so.
You need to set that on your interface or you will have strange issues.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: Winbox v3.16 released!

Mon Jul 16, 2018 11:17 am

We are aware of problem that Winbox disconnects after a small inactivity period if specific windows are opened. We will try to fix this problem as soon as possible.
 
User avatar
Kickoleg
Member Candidate
Member Candidate
Posts: 127
Joined: Tue Mar 11, 2014 3:13 pm
Location: Yverdon-les-Bains, Suisse

Re: Winbox v3.16 released!

Tue Jul 17, 2018 12:34 pm

winbox 3.16 - impossible add ip address for bridge .. .immediately dissconnect without adding ip address ...
testing in this sitatution :
WAP LTE kit, SXT LTE kit coneecting throut the cable with port ether1 from laptop...
reset no defaults -> add bridge "Bridge" mode=no -> add port ether1 to bridge -> add ip address 192.168.X.1/24 -> imeediately dissconect without adding ip address
Version router 6.42.6
Very disappointed with the latest products Mikrotik ...
MTCNA, MTCUME, MTCRE, MTCWE, MTCTCE certified
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8305
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Winbox v3.16 released!

Tue Jul 17, 2018 1:43 pm

Are you sure you're not disconnected on "add port ether1 to bridge"? How do you connect to the router? I can't repeat such problem on my virtual ROS...
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
Kickoleg
Member Candidate
Member Candidate
Posts: 127
Joined: Tue Mar 11, 2014 3:13 pm
Location: Yverdon-les-Bains, Suisse

Re: Winbox v3.16 released!

Tue Jul 17, 2018 2:45 pm

Are you sure you're not disconnected on "add port ether1 to bridge"? How do you connect to the router? I can't repeat such problem on my virtual ROS...
I'm pretty sure ... disconnect if I add to bridge port i understand what mac-address changes ... and here situation when i add to bridge ip address it disconnect and not write ip address ...
And i have old winbox version 2.2.18 and i can configure ip address without problemm ....
MTCNA, MTCUME, MTCRE, MTCWE, MTCTCE certified
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Tue Jul 17, 2018 3:39 pm

Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
Have the same symptom here in the CAPsMAN Channel-List. Sometimes when copying channel and editing either frequency name or other items for that channel, the dialog freezes and does not respond to entries (Win7 x64).

Best regards
@colinardo
And another place this bug occurs is when I have an EoIP tunnel and I click on the MTU field. It doesn't occur when adding a new EoIP tunnel, only when editing an existing one that doesn't have the MTU field configured yet.
 
neyla12
just joined
Posts: 2
Joined: Tue Jul 17, 2018 1:11 am

Re: Winbox v3.16 released!

Wed Jul 18, 2018 3:40 am

Have the same symptom here in the CAPsMAN Channel-List too.
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Thu Jul 19, 2018 4:57 pm

Yeah, the bug is present in many places.

IPv6 static routes with link-local gateways will cause 100% cpu and disconnect.
Editing and EoIP tunnel and setting the MTU (when not already set) will cause 100% cpu and disconnect.
Copying an SSTP Client interface will cause 100% cpu and disconnect.
Copying an OVPN Client interface will cause 100% cpu and disconnect.
Copying an EoIP interface will cause 100% cpu and disconnect.
Just opening any PPP secret will cause 100% cpu and disconnect.
And as mentioned (but I haven't tested it myself) also CAPsMAN Channel-List causes the same problem.

When I say 100% I mean winbox consumes 100% cpu (single core) on the host PC. Not ROS.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5919
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Winbox v3.16 released!

Thu Jul 19, 2018 5:01 pm

Win10 and linux+wine did not experience any of your listed problems.
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Thu Jul 19, 2018 5:07 pm

On Win7 x64 the problems exist.
 
sid5632
Member
Member
Posts: 349
Joined: Fri Feb 17, 2017 6:05 pm

Re: Winbox v3.16 released!

Thu Jul 19, 2018 9:02 pm

I left a CHR with just the Dude Settings dialog open and closed Winbox.
When I re-opened it, it had the IP Settings dialog open instead.
This is perfectly repeatable across at least ROS 6.42.6 and 6.43rc44 so I conclude it's another Winbox problem.
Bizarre!
 
sell4bids
just joined
Posts: 1
Joined: Fri Jul 06, 2018 10:24 am
Location: Dallas, TX
Contact:

Re: Winbox v3.16 released!

Fri Jul 20, 2018 4:43 pm

Have the same symptom here in the CAPsMAN Channel-List too.
Sell4Bids is an Ultra-Cool Super-Easy App for Auctioning off your Stuff & Listing your Jobs. It’s as easy as taking a Selfie!
https://www.sell4bids.com/
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1290
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Winbox v3.16 released!

Wed Jul 25, 2018 8:10 am

Request for new function.

When you in Firewall select column to show, you get a long, long list.
It would be nice to have mouse scroll working, so I do not ned click on and on to get to the bottom.
So add Mouse Scroll to work everywhere.
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Wed Jul 25, 2018 9:49 am

When you in Firewall select column to show, you get a long, long list.
It would be nice to have mouse scroll working, so I do not ned click on and on to get to the bottom.
So add Mouse Scroll to work everywhere.
I know what you mean, but you can use the End key to go to the end of the list quickly.
However, now that I have a new monitor (2560x1440) I do see the whole list at once :D
I have suggested before that this whole thing should be re-made: instead of the two-level fold-out menu
where you can select/unselect a single item at a time, the menu should open a multi-column dialog (solving
your problem) with all items + checkmark and OK/CANCEL button so you can select/unselect as many items
as you like and then confirm in one action.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1290
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Winbox v3.16 released!

Wed Jul 25, 2018 10:30 am

I do agree that it should be rewritten.

END did not work,but UP arrow takes me to the bottom of the list, sine going one up scrolls around to the bottom :)
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
icedblind
just joined
Posts: 9
Joined: Fri Jun 22, 2012 10:56 am

Re: Winbox v3.16 released!

Thu Jul 26, 2018 2:51 pm

In 3.16 version of Winbox, i still have problems to connect to 5.26 version of RouterOS rbs:
"ERROR: could not fetch index"
What log can i provide to debug more?

It is strongly recommended to read software changelog before an upgrade:
Sorry i've now realized my reading error, i understod that in 3.16 you were re-enabling back support for RouterOs "older than" v6.
My fault! Bye.
Last edited by icedblind on Thu Jul 26, 2018 4:31 pm, edited 2 times in total.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: Winbox v3.16 released!

Thu Jul 26, 2018 3:10 pm

It is strongly recommended to read software changelog before an upgrade:

viewtopic.php?t=132974

"abandoned support for connecting to older RouterOS versions (older than v6), no DLLs will ever be downloaded"
 
wardat79150
just joined
Posts: 1
Joined: Thu Jul 26, 2018 3:39 pm

Re: Winbox v3.16 released!

Thu Jul 26, 2018 3:58 pm

Hi there
My problem is in hotspot users ,when i login to mikrotik router by winbox go to users i found that some of users are making for them disable for alone outmaticly
and I enable them bake
after about 15 minutes I see them bake bisable alone
Please I need help
Thanks
 
Sob
Forum Guru
Forum Guru
Posts: 4527
Joined: Mon Apr 20, 2009 9:11 pm

Re: Winbox v3.16 released!

Thu Jul 26, 2018 6:06 pm

"abandoned support for connecting to older RouterOS versions (older than v6), no DLLs will ever be downloaded"
You probably don't want to do it, but what about support for local dlls? A one-time download containing all 5.26 dlls that WinBox would be willing to use if available? Because there are some older devices that can't be upgraded to 6.x at all, or it's too heavy for them. It probably wouldn't be the perfect solution, because I guess there's no backward compatibility (5.26 dlls for other 5.x or even 4.x, ...), but better than nothing. Keeping older WinBox is of course an option, but it's a little annoying to remember which one needs to be used for given device. Or perhaps an option in new WinBox to open older one, when RouterOS < 6 is detected?
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply.
 
athanp
just joined
Posts: 1
Joined: Mon Jul 30, 2018 3:29 pm

Re: Winbox v3.16 released!

Mon Jul 30, 2018 4:02 pm

Hello,

can you please add columns Firmware & Software Version when we save [add/set] , it would help allot with winbox zero day attack .

regards

Athanasios Paloukis
 
kibe
just joined
Posts: 3
Joined: Thu Aug 02, 2018 12:00 am

Re: Winbox v3.16 released!

Thu Aug 02, 2018 12:11 am

Did anybody tell me something...
Why winbox store saved passwords in plane text in his config files?
For eaxmple here c:\Users\<UserName>\AppData\Roaming\Mikrotik\Winbox\Addresses.cdb and settings.cfg.viw
Is it normal? Or maby someone crazy wrote this app?
At time, when we are discussing the 0-days vulnerability, someone can easily steal these files and receive passwords!
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Thu Aug 02, 2018 12:30 am

It is your choice to keep passwords and not use a master password.
(although it is not optimal that that is the default setup)
Frankly I prefer that in such cases the passwords are plainly visible in the file and not stored using
some obfuscation that makes you feel good when you view the file but that can easily be reversed
by people who know how it works.
 
kibe
just joined
Posts: 3
Joined: Thu Aug 02, 2018 12:00 am

Re: Winbox v3.16 released!

Thu Aug 02, 2018 8:22 am

This is all controversy: master password or not mater password. Did you understand, how easy to steal and read this 2 files or you joking here?
If program of this kind does not protect passwords from simple reading by notepad - it's a deface against customers! Many "thanks"!
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24127
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Winbox v3.16 released!

Thu Aug 02, 2018 8:35 am

It's even in the manual:
Managed routers list is encrypted, but it can still be loaded in other winbox without problems IF the master password is not set for it!
No answer to your question? How to write posts
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Thu Aug 02, 2018 11:05 am

This is all controversy: master password or not mater password. Did you understand, how easy to steal and read this 2 files or you joking here?
If program of this kind does not protect passwords from simple reading by notepad - it's a deface against customers! Many "thanks"!
What do you mean it is easy to steal? First the computer you use would have to be compromised. It is not easy for you to read my file!
Then, if you value this information you should use a master password. You chose not to.
Then, when you configure your routers you should take measures so they are accessible only for you and other admins, using firewall.
So even when someone knows the passwords for your customers, he should not be able to login to their routers.
 
kibe
just joined
Posts: 3
Joined: Thu Aug 02, 2018 12:00 am

Re: Winbox v3.16 released!

Thu Aug 02, 2018 1:35 pm

It's monstrous!
You're kidding, right?
I have never seen people that you say "You have shit on pants" and he said "they are new and clean."
I just said about the manufacturer's oversight, and you're proving to me that everything is perfectly well thought out.
Hilarious. (On salary in Mikrotik?)

In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.

If you can not steal files from someone else's computer - it doesn't mean that no one can. So why expose people to danger?

"you should, he should"
First of all, the manufacturer should take minimum efforts to protect customers. Mikrotik equipment is not cheapest.

Do not fool me. I have drawn my conclusions.
And if the manufacturer does not want to do anything - there are a lot of other manufacturers, more competent.
But who will return the money (and the damage after hacking)?
 
msatter
Forum Guru
Forum Guru
Posts: 1195
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Winbox v3.16 released!

Thu Aug 02, 2018 1:57 pm

I had a problem that Winbox was shutting down after 35 seconds. I could extend this time by keeping kicking stuff in Winbox.
It would not display the uptime and clock And it only displayed zeroes. When opened health it onle displayed the buttons and after a few seconds it resized so that the values could be displayed.

The cause was that I changed in an addresslists entry and applied. The change window was kept open and was hidden by other windows. After a short time I reverted it and applied.

The troubles started and ended when I closed the obscured window. It was not pleasant 20 minutes before I found the cause.
Last edited by msatter on Thu Aug 02, 2018 2:22 pm, edited 1 time in total.
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.3.2
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
joegoldman
Member
Member
Posts: 484
Joined: Mon May 27, 2013 2:05 am

Re: Winbox v3.16 released!

Thu Aug 02, 2018 2:05 pm

Can the sort by GROUP function be fixed up so instead of grouping by the first letter it groups by the full group name? Makes it hard when you're trying to group by site and have a few sites that start with same name and they all group together under 'S' or 'B' or something.
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Oct 11, 2005 4:53 pm

Re: Winbox v3.16 released!

Thu Aug 02, 2018 2:22 pm

It's monstrous!
You're kidding, right?
I have never seen people that you say "You have shit on pants" and he said "they are new and clean."
I just said about the manufacturer's oversight, and you're proving to me that everything is perfectly well thought out.
Hilarious. (On salary in Mikrotik?)

In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.

If you can not steal files from someone else's computer - it doesn't mean that no one can. So why expose people to danger?

"you should, he should"
First of all, the manufacturer should take minimum efforts to protect customers. Mikrotik equipment is not cheapest.

Do not fool me. I have drawn my conclusions.
And if the manufacturer does not want to do anything - there are a lot of other manufacturers, more competent.
But who will return the money (and the damage after hacking)?
LMAO

If you are such a power user (you must be. Your are using ICQ!) that is afraid to use winbox, then please, by all means, do not use it.
Then see how nobody give a s**t :D

Oh, and you can read the passwords of thunderbird or firefox JUST FINE.

edit: typos
Last edited by Cha0s on Thu Aug 02, 2018 5:33 pm, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Thu Aug 02, 2018 3:57 pm

In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.
You clearly have no understanding of the situation.
First, there is a big difference between the storage of passwords on a server (where they are used to authenticate the user) and on a client (where they are stored for convenience to the user).
The server can store a hashed password that cannot be reversed except by brute force.
The client cannot do that, it has to store the password itself as it needs that later to be sent to the server.

So the password has to be stored either:
1 - encrypted by a master password that can be used to decrypt it once required
2 - obfuscated (stored encrypted by a fixed password or algorithm)
3 - plaintext

Programs like thunderbird can use option 1 or 2, programs like winbox use option 1 or 3.
You may think that your password is safe in thunderbird when you are not using a master password, but IT IS NOT!!
Tools are available to get it from the file when the file has been stolen. You think you are safe because you cannot
do it using notepad, but the hacker who has stolen your file knows how to do it! Except when you used a master password.
It always has to be like this because the program itself has to be able to retrieve the plain password and it is only a matter
of time until the bad guys find out how that is done and replicate it.
In this case I prefer the option as used by winbox as now you are aware of the risk and in case of thunderbird you are not.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24127
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Winbox v3.16 released!

Fri Aug 03, 2018 9:19 am

You can't encrypt the passwords without a master password. How would you decrypt them then? This applies to any program, where you have any data that needs to be encrypted. To encrypt something, you need to have a decryption key. This is the master password.

Yes, and as above people said, all your mentioned tools have easily readable passwords. You simply did not know that.
No answer to your question? How to write posts
 
msatter
Forum Guru
Forum Guru
Posts: 1195
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Winbox v3.16 released!

Fri Aug 03, 2018 10:42 am

You can't encrypt the passwords without a master password. How would you decrypt them then? This applies to any program, where you have any data that needs to be encrypted. To encrypt something, you need to have a decryption key. This is the master password.

Yes, and as above people said, all your mentioned tools have easily readable passwords. You simply did not know that.
I am a bit confused now al that talk about a Master password?

When I am thinking up a password and enter it twice it should be hashed and salted and that result is stored in the device.The device does not know the plain password and only the authorized users should know it. If an authorized user enters the correct password which is after hasing and salting a matched against the hashed and salted one in the device then only a yes or no is communicated. This is implemented since a short time if I am correct now backups need a password to be encrypt and that is not default the password for the device....great improvement!

If you let WinBox remember (Keep Password) your plain password because you don't want to enter it every time then it becomes the responsibility of the user.

Looked in the WiKi and it is something between devices....why don't use a method like SSH does. The second router has to confirm the key and store that. After that the Master has access to slave devices until that key is revoked. You can even encrypt the traffic between the two devices with it.
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.3.2
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
pe1chl
Forum Guru
Forum Guru
Posts: 5697
Joined: Mon Jun 08, 2015 12:09 pm

Re: Winbox v3.16 released!

Fri Aug 03, 2018 11:47 am

I am a bit confused now al that talk about a Master password?

When I am thinking up a password and enter it twice it should be hashed and salted and that result is stored in the device.
It would be better when you first read all articles. I have explained above what is the difference between that and the passwords in winbox, thunderbird and other client software. And Normis also confirmed that.
why don't use a method like SSH does. The second router has to confirm the key and store that. After that the Master has access to slave devices until that key is revoked. You can even encrypt the traffic between the two devices with it.
That is not more secure than that is done now. User kibe is worried that when someone would steal his file with saved passwords the attacker would be able to login to his routers. In your scenario that would be equal to the attacker stealing the file with your secret key (of which you have installed the public key on the router) and again the attacker would be able to login to your router. No difference.
 
msatter
Forum Guru
Forum Guru
Posts: 1195
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Winbox v3.16 released!

Fri Aug 03, 2018 12:27 pm

I also wrote,
If you let WinBox remember (Keep Password) your plain password because you don't want to enter it every time then it becomes the responsibility of the user.
Winbox should not keep any passwords when Keep Passwod is not selected for the setting gor that specific device. I can't image that is the case so, Kibe it is your own choice.

A stolen private key is of course a weak point of all encryption setups. You could set a password to use the PK and better not store that password on your system.

https://www.digitalocean.com/community ... nux-server

Maybe support those USB key sticks. No stick inserted in the computer if you are using winbox not access.
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.3.2
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
msatter
Forum Guru
Forum Guru
Posts: 1195
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Winbox v3.16 released!

Fri Aug 03, 2018 11:34 pm

OK I was thinking of the communication between routers and the Master Password is about saving the configs in a file on your computer so you can transfer to an other instance of Winbox.

I was wrong!

So looking at what it is and how it works and the options. Looking at the password interface I can only complain about having the password in there that opens all that WBX config files that are saved with that password. The possibility to save without an password should be only be possible if also the passwords for the routers themselves is used looks for me a basic step.

The text on the button is "Set Master Password" if there is a password present or not. It would be clearer if there is a password present to change the text on the button to "Change Master Password".

So now Winbox is always communicating secure since 3.16 I have a question how the password entered in Winbox is communicated with the router. Is it correct that I assume that first the secure connection is completed before the password or his hash is transferred?
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.3.2
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
User avatar
k6ccc
Member
Member
Posts: 473
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: Winbox v3.16 released!

Tue Aug 07, 2018 1:11 am

If you go to the software download page and select Winbox, the dropdown shows 3.17, but that results in a 404 error. Might want to fixed the webpage - either that or 3.17 is about to be released about the time I post this message :)
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1290
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Winbox v3.17 released!

Tue Aug 07, 2018 9:00 am

 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 

Who is online

Users browsing this forum: No registered users and 3 guests