Community discussions

MikroTik App
 
buz
just joined
Topic Author
Posts: 6
Joined: Sun May 08, 2022 9:06 am

RB5009 security after quick set

Tue May 10, 2022 6:37 pm

Noob question: I recently moved into an apartment which finally has fiber and got a RB5009 with SFP as router. In the rush to move in (and being clueless about routeros, want to learn), I set it up with quick set. Is that reasonably secure for the time being or do I urgently need to do something?

I tried to run nmap on the public IP (from another ISP) and it seemed that no ports are open, so at least it does not seem to expose any interface externally...
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11444
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB5009 security after quick set

Tue May 10, 2022 7:28 pm

Current default config is pretty good, don't worry about it too much.
 
buz
just joined
Topic Author
Posts: 6
Joined: Sun May 08, 2022 9:06 am

Re: RB5009 security after quick set

Tue May 10, 2022 7:35 pm

Thanks, reassuring.
 
User avatar
jbl42
Member Candidate
Member Candidate
Posts: 214
Joined: Sun Jun 21, 2020 12:58 pm

Re: RB5009 security after quick set

Tue May 10, 2022 8:03 pm

The RB5009 quick set config gives you the equivalent of a normal "dumb" home NAT router:

- DHCP client towards WAN
- DHCP server for LAN
- DNS server for LAN (forwarding to DNS received by DHCP client on WAN)
- srcNAT (masquerade) towards LAN
- all connections LAN -> WAN allowed
- all connections WAN -> LAN blocked
- no open ports on WAN
- all ports running running with PVID 1
- WAN on ether1 and LAN bridged on ether2-8 (VLAN filtering disabled)

as @mkx has noted, this is pretty safe
and also a very good starting point for further customization
 
buz
just joined
Topic Author
Posts: 6
Joined: Sun May 08, 2022 9:06 am

Re: RB5009 security after quick set

Tue May 10, 2022 9:28 pm

Perfect, that's what I was hoping for.

This will just fine for now (except I use SFP for wan but thankfully there was an option for that :D ). So once the dust from the move settles, I'll start poking around.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19109
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: RB5009 security after quick set

Tue May 10, 2022 10:16 pm

When you do start to dabble. Do not venture to youtube it will fill your head with bad ideas and wasted years of your life.
KISS - viewtopic.php?t=180838

Who is online

Users browsing this forum: abdullanetworking, akakua, cmmike, eworm, yakovz and 32 guests