Have you guys heard of MikroTik? Well for those of of you who don’t know, it is a Latvian manufacturer of computer networking equipment and its main product is the MikroTik RouterOS which is also based on Linux v2.6 kernel. MikroTik RouterOS is the operating system of the Mikrotik RouterBOARD but it can also be installed in your personal computer or server and will pack it with these features; ” routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server and more. ” (yeah right!)
Lemme tell you a story about their router:
Anoymous: Knock! Knock!!
Mikrotik RouterOS: who’s there?
Mikrotik RouterOS: admin who?
< Anonymous enters the house >
Alright, enough with the story! Let’s get to the point, here are some facts about their router:
1. The login name for the RouterOS WebFig Login which is under port 80 is ‘admin’.
2. You can login immediately to their login page without putting a password as long as you use ‘admin’ as the username.
3. Most of their routers have the port 22 opened (SSH) and have the same pass with the Web GUI.
4. You can play with it, check the ‘Tools’ option under the Web GUI :p
So what’s wrong with their products, most of their routers are still open and have the default settings. It’s time for the manufacturers to alert their customers and users to put passwords on their routers.
For those of you who have Mikrotik RouterOS you can change the password by typing ‘password’ in the terminal. Secure now before it’s too late!