RE: [WISPA] Winbox
You have the option on the Winbox GUI itself to use secure password if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] Winbox
Yes, but is the link encrypted or can anyone packet-sniff what you're doing? Have there been previous security breeches in winbox? Mac Dearman wrote: You have the option on the Winbox GUI itself to use "secure password" if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- AV Spam Filtering by M+Guardian - Risk Free Email (TM) --- ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
RE: [WISPA] Winbox
The application never asks for a secure certificate; so one would need to assume that the link is not encrypted and can be seen through a packet sniff. Also the port it uses is just a standard TCP port; maybe the exchange between winbox challenge and response is the only thing encrypted Not really sure. Maybe if someone from Mikrotik is lurking they can interject Ty Carter From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 4:25 PM To: WISPA General List Subject: Re: [WISPA] Winbox Yes, but is the link encrypted or can anyone packet-sniff what you're doing? Have there been previous security breeches in winbox? Mac Dearman wrote: You have the option on the Winbox GUI itself to use secure password if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- AV Spam Filtering by M+Guardian - Risk Free Email (TM) --- ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
RE: [WISPA] Winbox
The Winbox Console uses TCP port 8290 (not secure) or 8291 (secure; requires security package to be installed). Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ty Carter Lightwave Communications Sent: Sunday, September 09, 2007 2:41 PM To: WISPA General List Subject: RE: [WISPA] Winbox The application never asks for a secure certificate; so one would need to assume that the link is not encrypted and can be seen through a packet sniff. Also the port it uses is just a standard TCP port; maybe the exchange between winbox challenge and response is the only thing encrypted Not really sure. Maybe if someone from Mikrotik is lurking they can interject Ty Carter From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 4:25 PM To: WISPA General List Subject: Re: [WISPA] Winbox Yes, but is the link encrypted or can anyone packet-sniff what you're doing? Have there been previous security breeches in winbox? Mac Dearman wrote: You have the option on the Winbox GUI itself to use secure password if you put a check in the box. Mac -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Sent: Sunday, September 09, 2007 11:06 AM To: WISPA General List Subject: [WISPA] Winbox Since winbox came up lately, How secure is the winbox protocol (assuming you have a great password)? Is it safe enough to open up to the outside world, or would I be asking to get hacked? Jason --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ --- AV Spam Filtering by M+Guardian - Risk Free Email (TM) --- --- - ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** --- - WISPA Wants You! Join today! http://signup.wispa.org/ --- - WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ** Join us at the WISPA Reception at 6:30 PM on October the 16th 2007 at ISPCON ** ** ISPCON Fall 2007 - October 16-18 - San Jose, CA www.ispcon.com ** ** THE INTERNET INDUSTRY EVENT ** ** FREE Exhibits and Events Pass available until August 31 ** ** Use Customer Code WSEMF7 when you register online at http://www.ispcon.com/register.php ** WISPA Wants You! Join today! http://signup.wispa.org