Re: [AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Adam Moffett
" ? Changelog is written by marketing dept maybe? -- Original Message -- From: "Colin Stanners" <cstann...@gmail.com> To: af@afmug.com Sent: 3/26/2018 9:47:31 PM Subject: Re: [AFMUG] Mikrotik vulnerabilities Same as the external-drive-file-sharing feature in home routers...

Re: [AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Colin Stanners
>> -- Original Message -- >> From: "Steve Jones" <thatoneguyst...@gmail.com> >> To: af@afmug.com >> Sent: 3/26/2018 9:28:47 PM >> Subject: Re: [AFMUG] Mikrotik vulnerabilities >> >> AFAIK (assuming my firewall mastery isnt as awful

Re: [AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Steve Jones
.com> > To: af@afmug.com > Sent: 3/26/2018 9:28:47 PM > Subject: Re: [AFMUG] Mikrotik vulnerabilities > > AFAIK (assuming my firewall mastery isnt as awful as i think it is) I have > a drop all input with an office ACL and allow connected winbox, but i do > use romon with password

Re: [AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Adam Moffett
ch is off by default. -Adam -- Original Message -- From: "Steve Jones" <thatoneguyst...@gmail.com> To: af@afmug.com Sent: 3/26/2018 9:28:47 PM Subject: Re: [AFMUG] Mikrotik vulnerabilities AFAIK (assuming my firewall mastery isnt as awful as i think it is) I have

Re: [AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Steve Jones
AFAIK (assuming my firewall mastery isnt as awful as i think it is) I have a drop all input with an office ACL and allow connected winbox, but i do use romon with passwords. that should essentially "protect" shouldnt it? On Mon, Mar 26, 2018 at 8:24 PM, Adam Moffett wrote:

[AFMUG] Mikrotik vulnerabilities

2018-03-26 Thread Adam Moffett
I'm sure everyone here has a super duper uber secure network and never has to worry about something like this: http://seclist.us/chimayred-reverse-engineering-of-mikrotik-exploits-from-vault-7-cia-leaks.html That info is from January. If you have a MIPS BE or x86 mikrotik on ROS 6.38.4 or