MikroTik router security: How Minim Installer hardens MikroTik routers
Nehemiah Blackburn
on January 28, 2020
Last year, Minim became a Made for MikroTik software partner and launched the Minim Installer for MikroTik— a tool for operators to easily configure any MikroTik hardware with Minim. Since then, we've made several MikroTik router security enhancements to the tool.
As a quick recap, the Minim Installer gives operators three MikroTik router installation configurations to choose from: DHCP Client, PPPoE, and Static IP. As of today, each configuration also includes the following safeguards:
- Default admin user is disabled— Per MikroTik First Time Startup guidelines, Minim automatically disables the default admin user. This is a preconfigured setting on all MikroTik hardware, and if left untouched, can result in unauthorized access of the device.
- Random usernames and passwords are generated— To protect against brute-force attacks, Minim randomly generates user credentials.
- Only the ISP user is exposed— To protect subscriber data and Personally Identifiable Information (PII), Minim ensures that only the ISP user group is exposed.
- Passphrase for network is checked— To prevent open networks, Minim checks that the WiFi network passphrase is populated.
- Guest networks are isolated— To protect against visitor over-utilization and security threats from unknown devices, Minim isolates guest WiFi networks from the home's main network. Additionally, guest network users are blocked from accessing WebFig, the RouterOS configuration tool.
- SOCKs service is disabled— To prevent data from being relayed across the firewall, Minim disables the SOCKs proxy server by default.
Visit our step-by-step guide to get started with Minim Installer for MikroTik. If you're interested in learning more about the Minim platform, contact us or download our service brief below!