6 Aug
2018
6 Aug
'18
10:41 a.m.
Ha ha this is the type of thing I deal with all the time at work. CHANGE
THE PASSWORD and don't use a dumb password! In our case, that means don't
use your call sign, among other things.
On Sun, Aug 5, 2018 at 4:41 PM, Ruben ON3RVH <on3rvh(a)on3rvh.be> wrote:
Upgrading won’t mean you can never ever be infected
again.
As I always tell everyone over and over again: “secure your sh*t” (pardon
my french) this is very very very important.
Block all winbox (and other unneeded services) from everywhere but your
own management ranges/ips.
And make sure your computers/servers on that management range/ip is also
secure and clean.
Ruben - ON3RVH
On 5 Aug 2018, at 22:19, Rob Janssen <pe1chl(a)amsat.org> wrote:
the recent
Before,
or as soon as you attach a piece of equipment to our network
(or anywhere else, for that matter) IMMEDIATELY CHANGE THE PASSWORD.
Oh, and be careful when upgrading firmware: in
far too many devices
when you flash new firmware into it, the password gets reset to the
factory default. Be sure to check it afterwards!
But, do not see this as a reason to not upgrade firmware!
It is really important to keep firmware uptodate, as e.g. was seen in case of MikroTik routers being compromised
because they were running
firmware
before version 6.42.1 which has a vulnerability
that allows a remote
user to
retrieve the correct password from the router!
This was fixed some time
ago
(current version is 6.42.6) but people didn't
upgrade, and their router
became
infected with a botnet that essentially allows it
do do anything.
In this case, it is also important to change the password after the
upgrade,
not because it would be reset, but because it
could be known to an
attacker who
retrieved it before the upgrade. In that case
they can still login
after upgrade!
(more details on how to avoid such things can be found on the MikroTik
forum, but
even the "cannot do! too difficult for
me!" type of operator still can
upgrade the
software as this is only a matter of two clicks
in the user interface)
Rob
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net