Yes, Mikrotik should add https to SwitchOS.Either I'm a glutton for punishment or just cheap, but I've purchased another Mikrotik switch, the 4 10gbe port (+1 1gig port) little guy.įor a refresher, my previous. Ever dealt with a teenager computer geek that thinks that hacking YOUR network is a challenge either just because they can, or they want to get around the limitations that their parents put on their network access? In reference to whether a home network is worthy of being attacked - yes they are. Does not make it impossible, just harder. It means that it is harder to read the password (among other stuff) with a packet sniffer. Using a VPN adds a layer, but by itself is not total security. Two factor authentication is another layer. A simple password is a layer, but a complex password is thicker layer. By itself, provides very little security, but it means there is one more layer to crack. For example, using a non-standard port - sometimes called security through obscurity. Some layers are fairly simple (and in some cases have serious vulnerabilities if broken). Each layer makes it a bit harder to be attacked. Each layer makes it some amount more secure, and generally, no one layer will take you from totally insecure to totally secure. And judging from sparse notes by MT team members, SwOS-oly units might even lack HW resources needed for anything more than plain http anyway. I'm not saying anybody should abandon SwOS, I'm just saying that for advanced configuration stuff (or security stuff for that matter) SwOS might be just too light-weight. And again: it is completely possible (and not too hard) to configure switch-only configuration using ROS. If one really needs all the bells and whistles, then it is possible to have it. Managing switches over internet without using some kind of secure VPN is unwise (to put it mildly). If one does care about management security, it is possible to move management to separate VLAN and use management station inside that dedicated VLAN. I mean: if one doesn't care about separation of management from other traffic, then http is enough.
I really don't get the "https on SwOS" fame. As I said above, it would be nice to at least have https in SwitchOS.
0 kommentar(er)
