This series format is super interesting, but really, it's more valuable if you present red team AND blue team approach
@erikruwalder97
Жыл бұрын
the pcap injection is quite nice to test frewall's
@Nichomachean5
Жыл бұрын
I have one thing to say about these new mikrotik videos.... MORE. :)
@123XAH
Жыл бұрын
How to protect from above mentioned flood?
@pierromaximus
Жыл бұрын
You have to disable cdp on interfaces, that dont need it. Another option is to configure port security.
@maigonis.elleris
Жыл бұрын
@@pierromaximus Port security is not always option, besides, this can be passed thru WiFi.
@pierromaximus
Жыл бұрын
@@maigonis.elleris You can isolate WIFI clients in separate VLAN and disable cdp on SVI interface.
@website-nv4qb
2 ай бұрын
hello
@gomgom330
4 ай бұрын
Hei, is remote mikrotik through wifi with ssh more secure than remote it with winbox even if winbox port changed??
@mikrotik
4 ай бұрын
There is no straight answer to that, but it will be a lot more secure in both cases if you only connect through a tunnel. Wireguard is particularly good as it does not respond to port scans.
@DmitriyHaidai
Жыл бұрын
Could anyone help me? I followed all these steps and everything was going right way however my router doesnt have enough Total HDD memory for my injected file pcap. it is extremly larger than my router's HDD space. Obviously i cut down my file.pcap from 350Mb to 70 Mb and neighbor routers were not going to crash. I wonder to know what size of file.pcap do i need to overload neighbor routers?
@RB01-lite
Жыл бұрын
Not sure. Perhaps you can use a USB drive. Alternatively a fun experiment might be write a script that generates raw data for traffic generator to inject ;)
@alimibrahem8120
Жыл бұрын
is it mendatory to use CDP packet ..? i mean if i want to test that on my router but i don't have Kali linux..!
@nikolashuminosky6987
Жыл бұрын
@Druvis - is that any chance that we can test the firewall via traffic-generator. I think that someone mentioned about that on the MUM. Are u familiar with that?
@ameen-r8r
Жыл бұрын
how show app yersinal grapn......?
@mikkio5371
Жыл бұрын
Druves .you are good ,where do you get all these knowledge from . Recommend books to me 🙏
@RB01-lite
Жыл бұрын
The internet is the best resource. But if you want a good book here is one that I liked - 'The Art of Learning' by Josh Waitzkin.
@ronaldrobles5597
Жыл бұрын
because the CPU goes up by 30% when updating v7
@mikrotik
Жыл бұрын
Seems you paid too much, as you have 70% unused CPU resources 😎
@zacohell
Жыл бұрын
Is disabling neighbor discovery enough to protect the router from this attack?
@mikrotik
Жыл бұрын
Yes, but even so, do not keep open ports to untrusted networks. To be extra safe, use VPN to access the router, all other ports should be firewalled.
@kevinjosemarquez4801
11 ай бұрын
Yo no Ingles
@Dara.config
Жыл бұрын
What about the cpu of the router problem sir?
@mikrotik
Жыл бұрын
What is the problem?
@Dara.config
Жыл бұрын
how about cpu if have hack on mikrotik sir@@mikrotik
@AbdiKwon1445
9 ай бұрын
this ddos ?
@mikrotik
9 ай бұрын
It's dos, ddos means there are multiple devices used for the attack.
@liviu2004
Жыл бұрын
Great, we’ll use this pcap method to record and inject traffic in dynamic positioning ships networks, to increase confidentiality in redundancy machinery arrangements to sustain worst case failure. Thanks.
@userou-ig1ze
Жыл бұрын
can you elaborate
@maxvideodrome4215
Жыл бұрын
Hackers movie?
@RB01-lite
Жыл бұрын
Just don't hack NASA
@mikrotik
Жыл бұрын
Simply wait for the next video on how to protect yourself from dumb "hacks" like this :) and don't be so serious. If you have firewall, you are safe
@mikkio5371
Жыл бұрын
@@mikrotikdumb hack 😱😱meaning there are far more hacks to be aware of 😅
@mohammadforhad2473
Жыл бұрын
Thanks
@boumarc
Жыл бұрын
mikrotik should just fix routeros so that simple attacks like this don't cause reboots
@RB01-lite
Жыл бұрын
This type of an attack can cause a reboot in devices by other manufacturers too. The only reason that it is possible to do this is that the compromised device is in a trusted network with neighbor discovery enabled.
@boumarc
Жыл бұрын
@@RB01-lite the fact that other manufacturers have buggy or fragile software too isn't a valid argument for not fixing the bugs / weaknesses leading to such an easy denial of service attack
@mikrotik
Жыл бұрын
Disabling firewall is not "denial of service", it is bad configuration
Пікірлер: 40