12.206.199.254 vulnerable mirotik.. claims no one in the US can touch them

this guy claims no US IP has ever tried a winbox login. and he claims that since he allows all US and no other country he is not vulnerable to ANY exploit. I think he knows little

Attached: 20170519_171923.jpg (3264x1836, 1.68M)

Other urls found in this thread:

whois.arin.net/rest/net/NET-12-206-196-0-1
whois.arin.net/rest/org/AM-1531
twitter.com/NSFWRedditGif

not your personal army.

sage and hide.

only if i knew how

This is what I got....

# ARIN WHOIS data and services are subject to the Terms of Use

... OMITTED ....

NetRange: 12.206.196.0 - 12.206.199.255
CIDR: 12.206.196.0/22
NetName: AIRESPRI15-196
NetHandle: NET-12-206-196-0-1
Parent: ATTWORLD28 (NET-12-206-0-0-1)
NetType: Reassigned
OriginAS:
Organization: AIRESPRING-WIFI MIDWEST, INC. (AM-1531)
RegDate: 2017-02-04
Updated: 2017-02-04
Ref: whois.arin.net/rest/net/NET-12-206-196-0-1

OrgName: AIRESPRING-WIFI MIDWEST, INC.
OrgId: AM-1531
Address: 100 PATIENT WAY
City: JEFFERSON COUNTY
StateProv: MO
PostalCode: 63051
Country: US
RegDate: 2017-02-04
Updated: 2017-02-04
Ref: whois.arin.net/rest/org/AM-1531

This sounds like some very noob social engineering shit. sage

It is. Maybe my whois lookup wil get his pee pee up enough to give up.

nope, sage, this is a guy who says this is ALL he needs, offered an invite. Says hes not vulnerable to any of the many mikrotik exploits because he blocks non US IPs. He was told, put a drop all and then an ACL, he says need

k....

him I block input from apnic, ripe, afrinic and lacnic by default via address list of their super nets.

others
others not being that guy, but if your dropping (or tarpitting) anything, why not drop all and only allow ACL?

him I'm that kind of guy who does :) it's obvious most scans and attacks come from China and overseas. I block the obvious first. I'm from the states and those from the states I'm more interested in. I have additional layers of security in place, but no need to restrict myself within the states.

others him thats what im asking, why allow anyone who isnt allowed?

him I roam alot

others ombe OVPN in if you roam alot?

him I'm not that worried about it, and most attacks within the states are botnets that probe telnet and ssh, if they scan me they're blocked, so long as I don't probe myself, I'm ok

him I've yet to see someone from the states try to login over winbox

him not my first rodeo lol

him you are aware of the sheer volume of the IOT botnet in the US, right? Youre F-Ing nuts if you think no US attempts are made, most likely because your devices are compromised, why dont you default a unit (because youre likely compromised) and set an input drop all policy (with your office IP ACL) and youlll see how bad your mistake was

him I block my own IoT devices

him 12.206.199.254 is my IP, throw whatever you want at it

others why block your own IOt devices if the rest of the US doesnt?

him I be damned if my own IoT devices sniffs my own network, or some fucker from China builds a tunnel into it.

others we will see'

him I'll be sure to update this post if I ever become compromised lol

others i take it you dont monitor your logs

him I do

others and you are stating ZERO winbox logins from the US?

others attempts

him Just for the record, 75.104.11.155 is the only IP in John's log that is from the states attempting over Winbox. 1 out of 15. Also not trying to start a shit storm on here and to anyone, and waste anyone's time.

others 1/15 isnt what id call secure

others 6 percent is kind of high when talking about cyber security. hell we want 5 9s on wireless

him kinda funny, about one hour after this post all started and our responses, I got one port scanner coming from 104.129.29.74

others I thought no US IPs could bother you?

him I let them look and touch but no penetration lol

others so youre 100% certain youre running a firmware with no exploits?