Winbox suggestion

chojrak11 · Sun Apr 05, 2009 10:43 am

Hello,

I have DOZENS of sessions saved in Winbox. That really saves me from remembering DOZENS of IPs, usernames and passwords.
Would it be possible to have some sort of "find" textbox, similar to what is in almost every window of RouterOS, that would filter displayed sessions to those containing typed text?

Thank you in advance.
Keep up the good work!

Mon Apr 06, 2009 9:38 am

Why not use The Dude, which was made for this purpose?

chojrak11 · Tue Apr 07, 2009 8:47 am

Why not use The Dude, which was made for this purpose?

Thanks Normis for the suggestion, however I forgot to mention that the sessions are from DOZENS different customers... So they are not connected with each other and certainly won't fit on one map

Winbox is a great tool that manages alll of them with ease and allows me to log in to each one in just seconds. I'll try Dude but I suspect that it gives too much overhead in my scenario.
And please think about the "find" textbox, IMO it shouldn't be a big deal for you.

Thanks!

Tue Apr 07, 2009 8:49 am

The Dude doesn't need to have all devices in one map, connected all together. You can just add random devices with no real relation, just make a list like you have in winbox. They don't even need to be monitored, you can use Dude for simple management.

chojrak11 · Tue Apr 07, 2009 10:08 am

Thanks for the suggestion, I'll give it a try and report back my results. Thanks very much!

Tue Apr 07, 2009 10:11 am

Example list of devices in Dude:

2009-04-07_1010.png

cmon69 · Tue Apr 07, 2009 5:16 pm

It sure would be nice to have folders in winbox so a person could store customers in one folder and towers in another! It would make it so much quicker than having to scroll down a very long list! If there were folders one could sort clients by their respective subnets.

Wed Apr 08, 2009 9:19 am

It sure would be nice to have folders in winbox so a person could store customers in one folder and towers in another! It would make it so much quicker than having to scroll down a very long list! If there were folders one could sort clients by their respective subnets.

is the above not the same thing?

chojrak11 · Wed Apr 08, 2009 12:05 pm

Normis, The Dude solution is definitely not as good as find/filter button in Winbox would be... In order to use Dude you need to run local server (because it must work even if the whole network is down). Another issue is that in Dude there is no session manager - so you cannot save credentials for different Dude servers, you have to enter them by hand whenever you want to connect to other Dude server.

Thus I'm still lobbying for a simple find/filter button in Winbox that would display only those sessions that contains entered substring in name, IP, MAC address, or username.

Think also this way: the number of sessions in Winbox for any given Winbox user will not shrink. So the issue will pop up again sooner or later. And the solution is programmaticaly very simple.

You are specialized in useful tools so I really hope you will do it

Thanks in advance.

Wed Apr 08, 2009 12:12 pm

I don't think we will expand the winbox loader anymore, you must use the Dude. This is why I ask, what improvements to the Dude do you want to see, to make it usable in such way?

chojrak11 · Wed Apr 08, 2009 1:49 pm

I don't think we will expand the winbox loader anymore, you must use the Dude. This is why I ask, what improvements to the Dude do you want to see, to make it usable in such way?

Definitely one thing. After clicking the "thunder" icon on top left, there should be list of Dude Servers to choose from, and an ability to save credentials:
Session Name, IP, Username, Password
The list could look much like it looks in Winbox.

This would make much easier switching from a local server to other servers, and managing these accounts.
And of course I opt for plain text passwords in the .cfg file, like

If it seems unclear to you, just let me know.

But I'll still lobby for the Winbox solution, it seems to be an hour or two for an average developer

Thanks very much.

Wed Apr 08, 2009 2:41 pm

You can do all that.

- connect to local server
- go to global "settings"
- add all the AGENTS that you need (all remote dude servers that you use)
- make a new map
- click on "discover" and select the agent to use

this way, all your agent maps will be inside ONE dude instance

chojrak11 · Wed Apr 08, 2009 5:22 pm

I'm missing the option to move devices between maps. After adding e.g. 30 devices to one map, I realized that ONLY option to organize and filter them out would be the "Map" dropdown. But after adding I'm unable to move them to other map, so I suppose I'll have to drop them and recreate again... Or is there any faster method?

Chupaka · Thu Apr 09, 2009 12:04 am

I'd prefer encryption of C:\Documents and Settings\%USER%\Application Data\Mikrotik\Winbox\winbox.cfg with all saved plaintext passwords first...

Thu Apr 09, 2009 8:55 am

I'm missing the option to move devices between maps. After adding e.g. 30 devices to one map, I realized that ONLY option to organize and filter them out would be the "Map" dropdown. But after adding I'm unable to move them to other map, so I suppose I'll have to drop them and recreate again... Or is there any faster method?

copy and paste works for moving

cmon69 · Fri Apr 10, 2009 7:34 am

I don’t use Dude because it causes some of my older CPE's to become non-responsive. And I don’t have the time to try and figure out why on my own.

By the time I get the help I need by asking on this forum many of my customers will be pissed off enough to no longer subscribe to my service!

I sure Dude is probably a great program, but I have had nothing but problems with my network when ever I have tried to use it.

Having it always running in the background is a pain.

I like Winbox!!!!!!!!!!!!!!!!!!!!

Chupaka · Fri Apr 10, 2009 11:13 am

Having it always running in the background is a pain.

so don't run it in background. run it only when you need it

cmon69 · Tue Apr 14, 2009 6:41 am

I got a better Idea! ...... I just wont install it!!!!

Aug · Tue Apr 14, 2009 7:23 am

In dude you can add all the devices without polling them.
I know what you mean causing problems with older devices.
Add the devices manually and you'll have your list of devices.

cmon69 · Tue Apr 14, 2009 8:00 am

Aug

Thanks for the advice

I'll give it a try!

Paxy · Thu Apr 16, 2009 10:52 am

winbox.cfg saves plain text passwords !
Why does not it save MD5 or SHA1 password, and not to use plan text authentification when sending password (even with secure connection).
Just simply store and authentificate with MD5 or SHA1 hashed password, like many others programs.

chojrak11 · Thu Apr 16, 2009 11:04 am

winbox.cfg saves plain text passwords !
Why does not it save MD5 or SHA1 password, and not to use plan text authentification when sending password (even with secure connection).
Just simply store and authentificate with MD5 or SHA1 hashed password, like many others programs.

IMO this is a feature not a problem. It's useful when there's a need to recall a password.
I don't let anyone touch my laptop, and it is BitLocker'd so I DON'T REALLY CARE about this. And so should you.

NAB · Thu Apr 16, 2009 1:27 pm

winbox.exe takes three optional parameters/arguments:

winbox [location [username [password]]]

e.g.

winbox firewall.business.com admin mysecret

So you could get around both of the problems mentioned here (security - lack of encryption of winbox.cfg file and structure - folders per site/user/whatever) by writing your own wrapper for Winbox which stores passwords securely and allows you to organise the data howsoever you wish.

Alternatively, you could just create a whole load of Windows shortcuts organised however you like and (optionally) stored in an encrypted filesystem.

Or you could use something like http://keepass.info/ as your wrapper and have it automatically launch Winbox with the correct parameters.

Just my 2p.

Nick.

Chupaka · Thu Apr 16, 2009 1:41 pm

isn't it possible to obtain command line parameters of any user's process in system? =)

ayufan · Thu Apr 16, 2009 2:34 pm

It would be nice if winbox could register protocol like that:

winbox://login:password@address

or at least parse
winbox winbox://login:password@address

Thu Apr 16, 2009 2:37 pm

or at least parse
winbox winbox://login:password@address

hmm but what is this then?

winbox.exe 10.1.10.1 admin mysecret

NAB · Thu Apr 16, 2009 3:25 pm

isn't it possible to obtain command line parameters of any user's process in system? =)

Yup. I was hoping that Winbox would do something sensible in this regard (spawn child, kill parent?), but I haven't tested it and I suspect that my optimism is unplaced!

Nick.

Chupaka · Thu Apr 16, 2009 4:13 pm

or at least parse
winbox winbox://login:password@address
hmm but what is this then?
Code: Select all
winbox.exe 10.1.10.1 admin mysecret

well, the second is command-line. the first is URL Handler. from the webbrowser you can only run URL =)

Thu Apr 16, 2009 4:14 pm

I know, but what did he mean by "parse". what do you need URL handlers for, is there a lot of situations where you want to call winbox from within a webpage? not to mention storing password in that webpage in plain sight

Chupaka · Thu Apr 16, 2009 4:27 pm

I know, but what did he mean by "parse".

it simply means cutting of 'winbox://' from command line and replacing of %20 with space, so one can use winbox://address%20user%20password URL to run WinBox =)

p.s. https is not so plain, and browser's cache is not less secure than winbox.cfg with plaintext passwords =)

janisk · Thu Apr 16, 2009 4:35 pm

sorry, but all this looks like reinventing the wheel:

at first:
Q:we need something better than winbox
A:use DUDE

then:
Q: we do not want to use DUDE, because it is "pinging" around
A: turn that off

Q: what else i can use, i do not want to use DUDE, you should improve winbox
A: DUDE is feature rich tool that can replace winbox.

if you look at dude as a winbox replacement - you can simply add devices, turn all probes down, assign routers in groups, manage upgrades of those groups etc. It is feature rich power-tool.

IMHO winbox is screwdriver while DUDE is kitted out robotic arm.

Chupaka · Thu Apr 16, 2009 4:39 pm

IMHO winbox is screwdriver while DUDE is kitted out robotic arm.

yesss, I like to go shopping on my 'M1 brams' tank =)

janisk · Thu Apr 16, 2009 4:43 pm

point is - no one is going to improve "screwdriver" while you can strip your "tank" to bare minimum if features you need and do what you want to do. After some time, you will notice, that you are using more and more features of The DUDE and it will seem impossible - how you did without it.

It is really easy to use and really addictive

configuring several routers at time - a breathe.

NAB · Thu Apr 16, 2009 5:30 pm

IMHO winbox is screwdriver while DUDE is kitted out robotic arm.

That path leads to bloat. Sometimes it is better/easier/faster to have the screwdriver.

Correct me if I'm wrong, but doesn't The Dude just start up winbox for you anyway? If so, then what you're proposing is an additional layer which seems somewhat redundant to me.

Also, and again correct me if I'm wrong, don't I have to install The Dude? Winbox runs as a standalone executable which means I can run it on any machine anywhere without any hassle.

Nick.

ayufan · Thu Apr 16, 2009 5:43 pm

I know, but what did he mean by "parse". what do you need URL handlers for, is there a lot of situations where you want to call winbox from within a webpage? not to mention storing password in that webpage in plain sight :)

okey I'll do that by myself ;p

chojrak11 · Fri Apr 17, 2009 11:03 am

sorry, but all this looks like reinventing the wheel:
(...)
Q: what else i can use, i do not want to use DUDE, you should improve winbox
A: DUDE is feature rich tool that can replace winbox.

if you look at dude as a winbox replacement - you can simply add devices, turn all probes down, assign routers in groups, manage upgrades of those groups etc. It is feature rich power-tool.

IMHO winbox is screwdriver while DUDE is kitted out robotic arm.

Janisk I appreciate your opinion, however the whole thing started with a tiny feature request for a "find" textbox in Winbox

That simple thing would ease management of even thousands of sessions... If I would be able to just filter them by name or IP, I wouldn't in most cases need DUDE. I like DUDE and I use it in some places, where history and alerts matter, but for everyday use, to just login and manage routers I prefer Winbox for now...

I can bet that many of us, your users, share my opinion

Have a nice day.

chojrak11 · Fri Apr 17, 2009 11:08 am

isn't it possible to obtain command line parameters of any user's process in system? =)
Yup. I was hoping that Winbox would do something sensible in this regard (spawn child, kill parent?), but I haven't tested it and I suspect that my optimism is unplaced!

Nick.

No, wait! Do you use Winbox on server where dozens of potential attackers are logged at the same time and do nothing but sniff command line parameters??? No, you use it exclusively on your PC where no-one can log on, and if she can, she is unable to do what you described. Why you need such excess security measures? Aren't you able to just secure yourself?...

Chupaka · Fri Apr 17, 2009 11:35 am

chojrak11, in that case plaintext passwords in text file are not prolem too =)

chojrak11 · Fri Apr 17, 2009 3:26 pm

chojrak11, in that case plaintext passwords in text file are not prolem too =)

I never said it is a problem, TrueCrypt / BitLocker helps to not care about such details

Chupaka · Fri Apr 17, 2009 6:01 pm

TrueCrypt / BitLocker helps to not care about such details

will they help to allow WinBox to acces his config and block other programs from accessing it?

chojrak11 · Fri Apr 17, 2009 8:41 pm

TrueCrypt / BitLocker helps to not care about such details
will they help to allow WinBox to acces his config and block other programs from accessing it?

This is going OT, but I want to answer. Do you install random crap on your production laptop? Do you browse random and/or questionable sites on that machine? Do you allow random people to use your laptop? I don't, so I don't care that all programs can read my winbox.cfg. Besides, there are far more precious things than winbox.cfg that needs to be protected. I care about that and I'm also making regular backups. With TrueCrypt -- if they steal my laptop, I win. They have only a replaceable brick worth nothing more than a few bucks.

Back to topic, if Mikrotik people won't decide to implement "find" textbox, I'm probably gonna make the wrapper as was suggested to call the Winbox executable with parameters. Mikrotik people -- if you're still following -- could you post the format of winbox.cfg so a custom application can reliably read it? This is not a secret I suppose Thanks in advance.

ayufan · Sat Apr 18, 2009 2:17 am

[CUT]

adm1329 · Sat Apr 18, 2009 2:43 am

point is - no one is going to improve "screwdriver"

Not true, there are electric screwdrivers, different bits, different sizes, and different shapes and there are still improvements occasionally being made. I don't lug around my desktop to check my e-mail everywhere I go, I use my blackberry, but I don't use it to just sit around and surf the web when I can use my desktop or laptop instead.

I personally prefer winbox for my everyday use.

chojrak11 · Sat Apr 18, 2009 10:43 am

If you are still interested look at my blog

Wow THAT is really fast. Thank you very much!