Community discussions

MikroTik App
 
User avatar
LAYERWEB
just joined
Posts: 10
Joined: Thu Nov 14, 2024 1:40 am
Contact:

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Thu Nov 14, 2024 6:50 pm

The raised issue is not related to MITM attacks, possible attack vector is the following, whenever you "blindly" trust a third party and use a given external address/domain on which you have not full control:
1) someone (in perfect good faith) provides a service of some kind
2) you connect to it and get from it something (which is good, useful and what not)
3) everything is fine and works nicely
4) then, one day, either:
4.a) the good guys setting up the service loose control of the site (for *whatever* reasons)
or
4.b) the contents of the site/service are replaced with malicious ones without the good guys noticing it (at all or in a timely manner)

Something hosted on github may be more safe for both possibilities #4.a and #4.b when compared to a "normal" domain (that can be bought/sold/expire and is likely to have worse access security), but it is not - in principle - failsafe.

And we did not even take into consideration the possibility that someone builds intentionally a perfectly good service/site with the intention - since the beginning - to leverage its popularity for *whatever* nefarious action in 3 or 6 or 12 months time.
There are millions of projects using open source on github. I am clearly saying here that those who trust will use it, those who do not will not use it. I understand the scenarios you mentioned. However, if you already trust a company, you need to trust that that company protects its own accounts and itself. Those who don't trust won't use it, it's that simple and clear. You can review the changes in the entire file on github. In addition, the reason for "specifying the man in the middle attack" is the comments in the post of a friend who thinks he is knowledgeable in terms of security.

Expl: https://list.rtbh.com.tr/mikrotik.rsc - and there are many more such well-intentioned projects.

I won't be able to argue with a he who is so ignorant that a simple well-intentioned post would be interpreted negatively in terms of the security of a service provider.
 
jaclaz
Forum Guru
Forum Guru
Posts: 1915
Joined: Tue Oct 03, 2023 4:21 pm

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Thu Nov 14, 2024 6:59 pm

But there is nothing to argue about, when doing *anything* there are some risks involved, everyone should be able to evaluate these risks and decide whether to take them or not.

Personally, if it wasn't that I need internet access, I would have only air-gapped systems :wink: .
:lol:
 
User avatar
LAYERWEB
just joined
Posts: 10
Joined: Thu Nov 14, 2024 1:40 am
Contact:

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Thu Nov 14, 2024 7:24 pm

But there is nothing to argue about, when doing *anything* there are some risks involved, everyone should be able to evaluate these risks and decide whether to take them or not.

Personally, if it wasn't that I need internet access, I would have only air-gapped systems :wink: .
:lol:
edited
Last edited by chechito on Fri Nov 15, 2024 8:35 am, edited 1 time in total.
Reason: edit linked content
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 12530
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Thu Nov 14, 2024 7:44 pm

Obviously, it is obvious that you do not know how to distinguish a list of IPs from a list of commands, there is little to add.
 
User avatar
LAYERWEB
just joined
Posts: 10
Joined: Thu Nov 14, 2024 1:40 am
Contact:

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Thu Nov 14, 2024 9:12 pm

Obviously, it is obvious that you do not know how to distinguish a list of IPs from a list of commands, there is little to add.
Stop bullshitting. It is obvious from your ridiculous comments about the company that you do not have good intentions. "Even in practice your knowledge is very low."
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 3115
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Fri Nov 15, 2024 8:34 am

Hello!
In order not to overload, you can achieve this automation by just downloading and importing instead of having the entire process done on routeros.
please use proper forum section to post this info

3rd party tools forum section

viewforum.php?f=25
 
selfish21
just joined
Posts: 6
Joined: Tue Jul 23, 2024 11:22 am

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Tue Nov 19, 2024 4:18 pm

----------------------
Last edited by selfish21 on Fri Nov 29, 2024 9:27 am, edited 1 time in total.
 
selfish21
just joined
Posts: 6
Joined: Tue Jul 23, 2024 11:22 am

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Fri Nov 22, 2024 10:10 am

-------------------

Who is online

Users browsing this forum: No registered users and 7 guests