Community discussions

MikroTik App
 
Samosval
just joined
Topic Author
Posts: 2
Joined: Wed Dec 01, 2021 9:48 pm

chr = lowest security

Wed Dec 01, 2021 10:25 pm

if the manufacturer thought about security, there would be no empty password and an active interface when deploying a cloud image. how you can run such an image in the cloud with such settings is not clear at all. Have you studied at least the customer usage scenario ? do you understand that everyone always has VPS/VDI with open ports and interfaces? it was possible to change the password and enable the network interface only through the locale.

open telnet and admin without password in 2021 - laughter
 
ns88ns
newbie
Posts: 30
Joined: Mon Sep 07, 2020 12:42 pm

Re: chr = lowest security

Thu May 19, 2022 10:26 pm

Just secure your CHR instance as you need immediately after deployment.
 
gabacho4
Member
Member
Posts: 329
Joined: Mon Dec 28, 2020 12:30 pm
Location: Earth

Re: chr = lowest security

Thu May 19, 2022 10:38 pm


open telnet and admin without password in 2021 - laughter
I guess it’s not as bad in 2022. 😅
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1025
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: chr = lowest security

Thu May 19, 2022 11:03 pm

@gabacho4/@ns88ns: it's like any other business router that you need to configure before deploying. The same goes for Cisco, Juniper, etc. It's not really "best practice" to deploy a solution before it is fully configured. In the case of CHR, for example, use the internal v-switch for configuration.

Also, most professionals use sandboxed environments to simulate access which are available in most clouds or use GNS3/EVE-NG (or sometimes a combination of both)

A consumer router is a total different matter...
 
killersoft
Member Candidate
Member Candidate
Posts: 235
Joined: Mon Apr 11, 2011 2:34 pm
Location: Victoria, Australia

Re: chr = lowest security

Sat Jul 23, 2022 9:15 am

A brand new cisco router out of the box has no password either.
 
FurfangosFrigyes
newbie
Posts: 43
Joined: Sun Feb 25, 2018 11:45 am

Re: chr = lowest security

Sat Jul 23, 2022 9:38 am

if the manufacturer thought about security, there would be no empty password and an active interface when deploying a cloud image. how you can run such an image in the cloud with such settings is not clear at all. Have you studied at least the customer usage scenario ? do you understand that everyone always has VPS/VDI with open ports and interfaces? it was possible to change the password and enable the network interface only through the locale.

open telnet and admin without password in 2021 - laughter
In Azure I do not add public IP when I deploy the image and using the serial consol to set up the must have security settings and add Public IP later.
 
holvoetn
Forum Guru
Forum Guru
Posts: 5317
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: chr = lowest security

Sat Jul 23, 2022 10:03 am

if the manufacturer thought about security, there would be no empty password and an active interface when deploying a cloud image. ...
In Azure I do not add public IP when I deploy the image and using the serial consol to set up the must have security settings and add Public IP later.
Pretty basic, I would say ?
I know in some parts of the world it's a bit different but in Belgium, all houses have a front/back door which is always locked (should be, you can even get a fine when you leave it open since that would potentially invite burglars).
You don't move in your furniture or personal stuff without making sure that door can be locked.

Same thing needs to be done on a router. First get your initial setup in order before using it in the Big Bad World.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: chr = lowest security

Sat Jul 23, 2022 10:43 am

The concept is even simpler:
You "simply" prepare the disk image as you please before uploading it to the cloud.
What's the problem?

@Samosval
If one does the opposite, what do you expect?


“There are no insecure settings, there are just people ignorant of how to use them all together.”
(Rex, 2022)

Who is online

Users browsing this forum: No registered users and 15 guests