Probably true; that is in my case the proof that changing the password is needed in ALL cases,
and NOT using the same password for routers AND servers, because if they can break the router
password and you use the same password for a server behind that router, you just gave
them a way to wreak havoc on everything you have.
Passwords are keys; would you use the same key for your house, car, bank account, business,
booze cabinet and your mistress's chastity belt? I would not, especially the last two,
because one day if I get too much stuff from the booze cabinet, I don't want to use my car key
on the wrong lock and unlock my mistress's belt while I am not in shape enough to use it.
Same for the car...
________________________________
From: 44Net <44net-bounces+petem001=hotmail.com(a)mailman.ampr.org> on behalf of Ruben
ON3RVH <on3rvh(a)on3rvh.be>
Sent: 6 August 2018 11:47
To: AMPRNet working group
Subject: Re: [44net] network equipment passwords
Changing the password won’t do a thing with the latest MikroTik exploits, as they
circumvented the password and downloaded the password database.
Ruben - ON3RVH
> On 6 Aug 2018, at 16:43, Robert Keyes <robertwkeyes(a)gmail.com> wrote:
>
> Ha ha this is the type of thing I deal with all the time at work. CHANGE
> THE PASSWORD and don't use a dumb password! In our case, that means don't
> use your call sign, among other things.
>
>> On Sun, Aug 5, 2018 at 4:41 PM, Ruben ON3RVH <on3rvh(a)on3rvh.be> wrote:
>>
>> Upgrading won’t mean you can never ever be infected again.
>> As I always tell everyone over and over again: “secure your sh*t” (pardon
>> my french) this is very very very important.
>> Block all winbox (and other unneeded services) from everywhere but your
>> own management ranges/ips.
>> And make sure your computers/servers on that management range/ip are also
>> secure and clean.
>>
>> Ruben - ON3RVH
>>
>> On 5 Aug 2018, at 22:19, Rob Janssen <pe1chl(a)amsat.org> wrote:
>>
>>>> Before, or as soon as you attach a piece of equipment to our network
>>>> (or anywhere else, for that matter) IMMEDIATELY CHANGE THE PASSWORD.
>>>
>>>> Oh, and be careful when upgrading firmware: in far too many devices
>>>> when you flash new firmware into it, the password gets reset to the
>>>> factory default. Be sure to check it afterwards!
>>>
>>> But, do not see this as a reason to not upgrade firmware!
>>> It is really important to keep firmware up to date, as e.g. was seen in the recent
>>> case of MikroTik routers being compromised because they were running firmware
>>> before version 6.42.1 which has a vulnerability that allows a remote user to
>>> retrieve the correct password from the router! This was fixed some time ago
>>> (current version is 6.42.6) but people didn't upgrade, and their router became
>>> infected with a botnet that essentially allows it to do anything.
>>>
>>> In this case, it is also important to change the password after the upgrade,
>>> not because it would be reset, but because it could be known to an attacker who
>>> retrieved it before the upgrade. In that case they can still log in after upgrade!
>>>
>>> (more details on how to avoid such things can be found on the MikroTik forum, but
>>> even the "cannot do! too difficult for me!" type of operator still can upgrade the
>>> software as this is only a matter of two clicks in the user interface)
>>>
>>> Rob
>>>
>>> _________________________________________
>>> 44Net mailing list
>>> 44Net(a)mailman.ampr.org
>>> https://mailman.ampr.org/mailman/listinfo/44net
>>
>
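
As an added example (not part of any message in this thread), the checks the posters describe can be run over a router inventory: firmware older than 6.42.1, a password last set before the fixed firmware was installed, Winbox reachable from outside the management range, and one credential shared by a router and a server. The inventory records, their field names, the credential labels and the management range are all constructed for illustration.

```python
from datetime import date
from ipaddress import ip_network

FIXED = (6, 42, 1)                   # first fixed release named in the thread
MGMT = [ip_network("192.0.2.0/28")]  # assumed management range (constructed)

# Constructed inventory; all field names are hypothetical.
INVENTORY = [
    {"name": "rtr-a", "kind": "router", "version": "6.40.8", "fixed_since": None,
     "pw_changed": date(2018, 8, 6), "cred": "c1", "winbox_from": ["0.0.0.0/0"]},
    {"name": "rtr-b", "kind": "router", "version": "6.42.6",
     "fixed_since": date(2018, 7, 20), "pw_changed": date(2018, 3, 1),
     "cred": "c2", "winbox_from": ["192.0.2.0/28"]},
    {"name": "rtr-c", "kind": "router", "version": "6.42.6",
     "fixed_since": date(2018, 5, 2), "pw_changed": date(2018, 5, 2),
     "cred": "c3", "winbox_from": ["192.0.2.8/29"]},
    {"name": "srv-1", "kind": "server", "cred": "c2"},
]

def parse_version(text):
    """'6.42' -> (6, 42, 0); stable release strings only (no 'rc' suffixes)."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def audit(dev):
    """Return the actions one router record still needs, in order."""
    todo = []
    if parse_version(dev["version"]) < FIXED:
        # A new password set on vulnerable firmware can be read out again.
        todo.append("upgrade-then-rotate-password")
    elif dev["pw_changed"] < dev["fixed_since"]:
        # Password predates the fix (same day counts as after the upgrade).
        todo.append("rotate-password")
    nets = [ip_network(n) for n in dev["winbox_from"]]
    if any(not any(n.subnet_of(m) for m in MGMT) for n in nets):
        todo.append("restrict-winbox")
    return todo

def reused_credentials(inventory):
    """Credential ids shared between at least one router and one server."""
    by_cred = {}
    for dev in inventory:
        by_cred.setdefault(dev["cred"], []).append(dev)
    return {c: sorted(d["name"] for d in devs) for c, devs in by_cred.items()
            if {d["kind"] for d in devs} >= {"router", "server"}}

if __name__ == "__main__":
    for dev in INVENTORY:
        if dev["kind"] == "router":
            print(dev["name"], audit(dev))
    print("reused:", reused_credentials(INVENTORY))
```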