AFAIK (assuming my firewall mastery isnt as awful as i think it is) I have a drop all input with an office ACL and allow connected winbox, but i do use romon with passwords. that should essentially "protect" shouldnt it?
On Mon, Mar 26, 2018 at 8:24 PM, Adam Moffett <[email protected]> wrote: > I'm sure everyone here has a super duper uber secure network and never has > to worry about something like this: > http://seclist.us/chimayred-reverse-engineering-of- > mikrotik-exploits-from-vault-7-cia-leaks.html > > That info is from January. If you have a MIPS BE or x86 mikrotik on ROS > 6.38.4 or lower and have the http service exposed to the world then you > could be hit by this. The remotely executable code could be anything, even > a remote shell which the attacker can use for any kind of additional > ongoing nonsense. Their CPU usage will show up as "unclassified" in Tool > -> Profile. I plead the 5th on how I know that last part. > > Also on March 12 they announced a remote exploit in the SMB service. I > don't imagine most of us use the SMB service though. >
