0

We are getting some configuration work done, through a remote contractor on our Mikrotik router (as we don't have expertise in-house)

Considering the router is the essential part of our network, I am wondering what are the pitfalls of this approach? so that it doesn't come back and haunt us.

We are planning to do the work over teamviewer, so someone will be watching throughout what are the configurations that are being done on the router.

But I would like to understand and be aware of any backdoors to prevent any form of access later.

The router has a WAN IP and is accessible from the internet.

Thanks.

andthereitgoes
  • 125
  • 1
  • 8

1 Answers1

1

MikroTik RouterOS is rather tightly closed so they cannot install anything custom on it, let alone a backdoor (with the traditional sense of the word).

What they can essentially do is configure stuff to gain access from outside.
Typical things to look for:

  • VPN interfaces
  • Tunnel interfaces
  • Firewall rules

To be on the safe side, you could also take a full backup or export the configuration so that you can revert back to a state before they accessed the router.

Cha0s
  • 2,432
  • 2
  • 15
  • 26
  • Thanks for your answer and the headsup.The work is related to few of those things i.e. VPN and tunnel interfaces. If I were to revert the configuration back, then the work would be lost. – andthereitgoes Nov 26 '17 at 21:55