[AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
Michael J. Carmody
michael at opusv.com.au
Mon Apr 1 12:11:36 EST 2019
If you want to stay in the Mikrotik like space, VyOS is probably where you need to be for BGP/Carrier networking.
If looking for CPE/lower level again, pfSense or Edgerouter?
-Michael
From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of Alex Samad
Sent: Sunday, 31 March 2019 5:51 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
Sigh, how long have they promised V7 ...
Think it was coming soon 7years ago
Multithreaded BGP !
"
* There's a comment 'The fix is in v7' - theres a long running joke that v7 will never emerge (it probably never will, they've lost most of their senior engineers, and refuse to open source their code to leverage their developers in the community)
"
is this whispers or documented somewhere ?
What would some suggest as a good replacement ?
A
On Sat, 30 Mar 2019 at 09:48, Philip Loenneker <Philip.Loenneker at tasmanet.com.au<mailto:Philip.Loenneker at tasmanet.com.au>> wrote:
Unfortunately this apparently fixes 2x softlock issues, but not a memory leak that results in a reboot of the device.
You can read from here on to see more information:
https://forum.mikrotik.com/viewtopic.php?f=2&t=147048#p723977
Regards,
Philip Loenneker | Network Engineer | TasmaNet
From: AusNOG <ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>> On Behalf Of Shane Clay
Sent: Friday, 29 March 2019 10:08 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
Looks like a fix is on the way:
What's new in 6.45beta22 (2019-Mar-29 08:37):
Changes in this release:
!) ipv6 - fixed soft lockup when forwarding IPv6 packets (CVE-2018-19299);
!) ipv6 - fixed soft lockup when processing large IPv6 Neighbor table (CVE-2018-19298);
https://mikrotik.com/download/changelogs/testing-release-tree
Shane Clay
Caznet
From: AusNOG <ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>> On Behalf Of Noel Butler
Sent: Friday, 29 March 2019 12:02 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
On 29/03/2019 11:17, Mike Everest wrote:
On the point of "the fix is in v7"
v7 has for a great many years, been code for "too hard basket"
--
Kind Regards,
Noel Butler
This Email, including any attachments, may contain legally privileged information, therefore remains confidential and subject to copyright protected under international law. You may not disseminate, discuss, or reveal, any part, to anyone, without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments, immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message. Only PDF<http://www.adobe.com/> and ODF<http://en.wikipedia.org/wiki/OpenDocument> documents accepted, please do not send proprietary formatted documents
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190401/7599c14f/attachment.html>
More information about the AusNOG
mailing list