Crystal Web slashes ADSL prices

@CW

Could you guys offer us Mikrotik routers that are preconfigured for your network, that we could just plug n play?

I definitely be interested in one. I know our home network is not very secure with the TP Link router we're currently using.

How do you reckon your TP-Link isn't secure?

And how do you reckon the Mikrotik will be more so?
 
One with an incompetent IT security team, for sure. Ster-Kinekor is a good example. They still store user details on their ticketing website in plain text with no hashing, and getting access to those details is probably not that difficult. This may have also been a hack as a result of a disgruntled employee leaving the company and causing some sabotage, or they may have had some fault creep into the image they deploy for their network, and audting didn't catch it in time. Not every example of a vulnerability is a case of incompetence, which is something I'm sure you'll agree with.

Oddly enough, S-K's IT team was fast enough to patch for heartbleed the week the attack was made known on the net, but they still don't hash passwords.



Here I'd have to disagree. There are several legal hurdles that prevent what you envision from happening, and because so many companies on the net use closed-source software, getting access to that for auditing purposes basically doesn't happen unless by fluke or if the company provides a very valuable service to a significant number of corporate customers. I can't reasonably expect, as a ZA citizen, to get Google's authenticator audited to make sure that it's secure and more random than not, but I have to rely on the word of third-party security companies that Google uses to make those claims for them after forensic audits.

Blaming CW wholesale and not letting the issue rest doesn't make sense to me, certainly not as a network engineer, because they owned up to the problem, took services offline as quickly as possible, and made moves to patch it and protect the accounts of users. I mean, that's a really good response to the issue. You don't even get a "Sorry guys, our bad" from Sony or Blizzard.



What's your response to the Linux Mint team being hacked and having malicious code slipstreamed into their ISO images? Or a seemingly innocent integer being deliberately put out of place in the Linux kernel network stack that actually opens up a vulnerability in SSL encryption that was only caught after Linus Torvalds saw it right before a planned beta merge? **** happens, even in open-source projects where the code is scrutinised every minute of every day. You can't be on top of security 110% of the time unless you're not an internet company and keep your network strictly off-limits except in special cases and have a "no portable media" policy.

At some point we have to accept that the nature of the beast means that someone, somewhere is going to screw up the process, and it's not always avoidable. I think Sony is unbelievably lax about security and should have been dragged over the coals before, but I still used their services after fixes were implemented to mitigate the effects of future attacks. Keeping grudges for extended periods of time is just exhausting.

Enjoyed your response very much. Thanks CataclysmZA.
 
How do you reckon your TP-Link isn't secure?

And how do you reckon the Mikrotik will be more so?

I have no idea how secure my TP Link is, that's kind of the problem. I mostly have the default settings enabled. Also, its not a very high end model, think I paid around R500.

I've heard the Mikrotik routers have a lot more features but that are very difficult to set up.

Thus my question as to whether CW could offer Mikrotik routers that are presetup to be as secure as possible so that me as the end user can just plug n play.
 
I have no idea how secure my TP Link is, that's kind of the problem. I mostly have the default settings enabled. Also, its not a very high end model, think I paid around R500.

I've heard the Mikrotik routers have a lot more features but that are very difficult to set up.

Thus my question as to whether CW could offer Mikrotik routers that are presetup to be as secure as possible so that me as the end user can just plug n play.
I'm a big Mikrotik fan. If I could make a suggestion however, rather look at PFsense. Been running PFsense for a few months now, and I'm really impressed. Great firewall to be honest.

Nothing wrong with Mikrotik however. With both options all incoming ports are blocked by default. Outgoing are all open. Just set a proper password, and restrict SSH, FTP and Telnet (I've seen some failed login attempts on port 80 as wel as of late so add it to the list as well) to lan only, and you should be ok.
 
I have no idea how secure my TP Link is, that's kind of the problem. I mostly have the default settings enabled. Also, its not a very high end model, think I paid around R500.

I've heard the Mikrotik routers have a lot more features but that are very difficult to set up.

Thus my question as to whether CW could offer Mikrotik routers that are presetup to be as secure as possible so that me as the end user can just plug n play.

I don't think you'll find any problem with the security of your default configuration of your router.

Unless you make your wireless key "password" or something equally stupid.

Mikrotik won't offer you anything more, probably get you in a less secure position from tinkering with things you don't understand.

Also "as secure as possible" and "plug and play" don't go together. Super secure means stuff not working. Plug and play means less secure to allow for ease of use etc.
 
Top
Sign up to the MyBroadband newsletter
X