RE: [WISPA] Winbox
The Winbox Console uses TCP port 8290 (not secure) or 8291 (secure; requires security package to be installed). Mac > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Ty Carter > Sent: Sunday, September 09, 2007 2:41 PM > To: WISPA General List > Subject: RE: [WISPA] Winbox > > The application never asks for a secure certificate; so one would need > to assume that the link is not encrypted and can be seen through a > packet sniff. Also the port it uses is just a standard TCP port; maybe > the exchange between winbox challenge and response is the only thing > encrypted Not really sure. Maybe if someone from Mikrotik is > lurking they can interject > > > > Ty Carter > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Jason > Sent: Sunday, September 09, 2007 4:25 PM > To: WISPA General List > Subject: Re: [WISPA] Winbox > > > > Yes, but is the link encrypted or can anyone packet-sniff what you're > doing? Have there been previous security breeches in winbox? > > > > Mac Dearman wrote: > > You have the option on the Winbox GUI itself to use "secure password" > if > you > put a check in the box. > > Mac > > > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Jason > Sent: Sunday, September 09, 2007 11:06 AM > To: WISPA General List > Subject: [WISPA] Winbox > > Since winbox came up lately, > > How secure is the winbox protocol (assuming you have a great > password)? Is it safe enough to open up to the outside world, > or would > I be asking to get hacked? > > Jason > > --- > - > > ** Join us at the WISPA Reception at 6:30 PM on October the 16th > 2007 > at ISPCON ** > ** ISPCON Fall 2007 - October 16-18 - San Jose, CA > www.ispcon.com ** > ** THE INTERNET INDUSTRY EVENT ** > ** FREE Exhibits and Events Pass available until August 31 ** > ** Use Customer Code WSEMF7 when you register online at > http://www.ispcon.com/register.php ** > > > --- > - > WISPA Wants You! Join today! > http://signup.wispa.org/ > > --- > - > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ > > > > > --- > - > > > ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 > at > ISPCON ** > ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** > ** THE INTERNET INDUSTRY EVENT ** > ** FREE Exhibits and Events Pass available until August 31 ** > ** Use Customer Code WSEMF7 when you register online at > http://www.ispcon.com/register.php ** > > --- > - > > WISPA Wants You! Join today! > http://signup.wispa.org/ > --- > - > > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ > > --- AV & Spam Filtering by M+Guardian - Risk Free Email (TM) --- > > > > > --- > - > > ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 > at ISPCON ** > ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** > ** THE INTERNET INDUSTRY EVENT ** > ** FREE Exhibits and Events Pass available until August 31 ** > ** Use Customer Code WSEMF7 when you register online at > http://www.ispcon.com/register.php ** > > --- > - > WISPA Wants You! Join today! > http://signup.wispa.org/ > --- > - > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > A
RE: [WISPA] Winbox
The application never asks for a secure certificate; so one would need to assume that the link is not encrypted and can be seen through a packet sniff. Also the port it uses is just a standard TCP port; maybe the exchange between winbox challenge and response is the only thing encrypted Not really sure. Maybe if someone from Mikrotik is lurking they can interject Ty Carter From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 4:25 PM To: WISPA General List Subject: Re: [WISPA] Winbox Yes, but is the link encrypted or can anyone packet-sniff what you're doing? Have there been previous security breeches in winbox? Mac Dearman wrote: You have the option on the Winbox GUI itself to use "secure password" if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- AV & Spam Filtering by M+Guardian - Risk Free Email (TM) --- ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] Winbox
Yes, but is the link encrypted or can anyone packet-sniff what you're doing? Have there been previous security breeches in winbox? Mac Dearman wrote: You have the option on the Winbox GUI itself to use "secure password" if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- AV & Spam Filtering by M+Guardian - Risk Free Email (TM) --- ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
RE: [WISPA] Winbox
You have the option on the Winbox GUI itself to use "secure password" if you put a check in the box. Mac > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Jason > Sent: Sunday, September 09, 2007 11:06 AM > To: WISPA General List > Subject: [WISPA] Winbox > > Since winbox came up lately, > > How secure is the winbox protocol (assuming you have a great > password)? Is it safe enough to open up to the outside world, or would > I be asking to get hacked? > > Jason > --- > - > > ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 > at ISPCON ** > ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** > ** THE INTERNET INDUSTRY EVENT ** > ** FREE Exhibits and Events Pass available until August 31 ** > ** Use Customer Code WSEMF7 when you register online at > http://www.ispcon.com/register.php ** > > --- > - > WISPA Wants You! Join today! > http://signup.wispa.org/ > --- > - > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
