looking for tutorials on how to access Mikrotik Routerboard's file system using winbox.

http://www.133tsec.com/2012/04/27/0day- ... n-exploit/


should i be worry about the above exploit? i dont want my computer/network to be hacked. so trying to be safe as i am new to mikrotik

This is hardly any exploit. The article describes how to create a fake router, and somebody using Winbox can connect to this fake router, and make problems for this somebodys Windows computer.

So in short, don't connect with Winbox to unknown machines, and to protect your own, don't disable the default firewall on the public port. Make sure you disable the "admin" user and make your own user.

If connecting to a remote router then anybody upstream could divert traffic intended for an actual router to such a fake router so this is a perfectly valid concern.

Winbox is terrible from a security point of view!If you have to use it remotely then use it over an established VPN connection.

This applies to any type of traffic, the best security would be a VPN tunnel, for sure.

This applies to any type of traffic, the best security would be a VPN tunnel, for sure.

True, but hopefully the other applications might show some signs that something is not right - e.g. invalid certs. Winbox has some particular vulnerabilities in that regard which are a serious concern when one considers that Winbox is downloading DLLs.

Winbox is terrible from a security point of view!If you have to use it remotely then use it over an established VPN connection.

Instead of VPN would Teamviewer be any good for security? As i tend to use RDP but not on the default port. http://www.wikihow.com/Change-the-Liste ... te-Desktop

Fascinating Idea...

When someone try to hijack my network , I can inject some DLL on remote "hacker"...

Good vengeance...

If someone try to crack one network, inject DLL on remote attacker, is a way to stop attacks...