Month: June 2018
Skinny cables and the lowdown
The new ANSI/TIA-568.2-D cabling standard which now allows for the use of 28 AWG patch cords. What does this mean and how does it affect you? Read this article from Fluke networks.
Number one takeaway.
-Recommended length no more than 15 meters. This means it is great for dense racks and patch panels.
http://www.flukenetworks.com/blog/cabling-chronicles/skinny-28-awg-patch-cords
New Mikrotik hardware
From the latest Mikrotik newsletter
Winbox brute Force
You really should not have your winbox port open to anything but a management network, but if you need a script to help with brute force on the Mikrotik.
add action=drop chain=input comment="drop winbox brute forcers" dst-port=8291 \
protocol=tcp src-address-list=winbox_blacklist
add action=add-src-to-address-list address-list=winbox_blacklist \
address-list-timeout=1w3d chain=input connection-state=new dst-port=8291 \
protocol=tcp src-address-list=winbox_stage3
add action=add-src-to-address-list address-list=winbox_stage3 \
address-list-timeout=1m chain=input connection-state=new dst-port=8291 \
protocol=tcp src-address-list=winbox_stage2
add action=add-src-to-address-list address-list=winbox_stage2 \
address-list-timeout=1m chain=input connection-state=new dst-port=8291 \
protocol=tcp src-address-list=winbox_stage1
add action=add-src-to-address-list address-list=winbox_stage1 \
address-list-timeout=1m chain=input connection-state=new dst-port=8291 \
protocol=tcp
add action=drop chain=forward comment="drop WINBOX brute downstream" dst-port=8291 \
protocol=tcp src-address-list=winbox_blacklist
Of course changing your Winbox port number and disallowing access from anything but trusted Ip addresses is one of the best ways.
You must be logged in to post a comment.