Coding a RB Simulator

marklodge · Sat Feb 03, 2018 5:03 pm

I want to code a RouterOS / Routerboard Simulator. My initial test was to create a listener on TCP port 8291, but when I try to connect to my listener IP from winbox I dont get any response. What am I doing wrong?
I also need to set up the simulator to show up in MikroTik Neighbor Discovery, any help will be appreciated.
My application: Mikrotik Simulation in networks for honeypots with advanced logging to detect and categorize login failures on routers.

Sat Feb 03, 2018 6:11 pm

Run normal chr instead the simulator. Why to simulate anything that you can have in real?

marklodge · Sat Feb 03, 2018 6:45 pm

Run normal chr instead the simulator.

What is normal chr?

Why to simulate anything that you can have in real?

I require advanced logging, for example, if an intruder touches the mikrotik simulation it needs to log everything possible, date, time, username/s,password/s, source etc. As far as I understand, RouterOS does not really cover all of this. Secondly a licence would be required for each Mikrotik honeypot, and it is doing no work besides sitting there waiting to detect a possible intrusion, which may never happen for the entire duration of the deployment

darkprocess · Sat Feb 03, 2018 7:11 pm

The free CHR license can be used

p3rad0x · Mon Feb 05, 2018 1:37 pm

You can use ip --> services and filter rules to prevent any possible intrusion.

Only make winbox/ssh accessible from a certain ip or subnet and disable the mac server on client facing interfaces, then you should be safe.

Mon Feb 05, 2018 1:57 pm

Run normal chr instead the simulator.
What is normal chr?

Cloud Hosted Router. A version of RouterOS for use in Virtual Machines, like VirtualBox, VMWare and the like. You get the real software running on a virtual hardware, and you can have as many of them running at once as the real hardware will let you. You can even use applications like GNS3 to simulate entire topologies connected in arbitrary ways and including various client devices in addition to various routers and switches.

Technically, you can also run a normal x86 image on virtual machines. However, CHR is x86_64 (meaning it can use more than 3.5GiB RAM if it is allocated that much), and has drivers for virtual network adapters, allowing it to be more efficient on a virtual machine than an x86 image.

As for licenses... You could get one license, and then copy the licensed virtual HDD. Since the license is bound to a HDD, you can have as many copies as you want... OR just keep the config, then recreate the VM and import the config every 24 hours on an unlicensed VM. There are tools like Packer that can let you automate this down to a single command line call. I use such a template to make a test VM for my API client.

marklodge · Sun Feb 11, 2018 4:44 pm

Run normal chr instead the simulator.
What is normal chr?
Cloud Hosted Router. A version of RouterOS for use in Virtual Machines, like VirtualBox, VMWare and the like. You get the real software running on a virtual hardware, and you can have as many of them running at once as the real hardware will let you. You can even use applications like GNS3 to simulate entire topologies connected in arbitrary ways and including various client devices in addition to various routers and switches.

Technically, you can also run a normal x86 image on virtual machines. However, CHR is x86_64 (meaning it can use more than 3.5GiB RAM if it is allocated that much), and has drivers for virtual network adapters, allowing it to be more efficient on a virtual machine than an x86 image.

As for licenses... You could get one license, and then copy the licensed virtual HDD. Since the license is bound to a HDD, you can have as many copies as you want... OR just keep the config, then recreate the VM and import the config every 24 hours on an unlicensed VM. There are tools like Packer that can let you automate this down to a single command line call. I use such a template to make a test VM for my API client.

Excellent!
Thanks alot guys, I did not know about CHR and that I could clone my licence and use it. This should work fine for my application