Sara: Open-source RouterOS security inspector

   January 9, 2025  Posted in HelpnetSecurity


Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware.

Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text files, making the tool powerful and easy to use.

“Sara is entirely standalone and requires no network connection. Feed in a configuration file, and it will find any potential security issues. This combination of autonomy, simplicity, and efficiency makes it a handy tool for network engineers and security professionals,” Magama Bazarov aka Caster, the creator of Sara, told Help Net Security.

“Sara has received some recognition: on September 19, 2024, it was included in the Kali Linux repository and has taken its place in the Vulnerability Analysis section. I applied for the addition myself, and it was approved. This move was a major accomplishment, confirming the value of the project to the community,” Bazarov added.

This RouterOS security inspector performs 20 security checks, including:

  • SMB Service Detection
  • RMI Services Analysis
  • UPnP Status Check
  • WiFi Configuration Review
  • DNS Configuration Review
  • Dynamic DNS (DDNS) Status
  • Power over Ethernet (PoE) Settings Review
  • Protected RouterBOOT Check
  • SOCKS Proxy Detection
  • Bandwidth Server Check
  • OSPF Interface Analysis
  • VRRP Interface Analysis
  • Discovery Protocols Configuration
  • User Password Policy Check
  • SSH Strong Crypto Detection
  • Connection Tracking Status
  • RoMON Status Check
  • MAC Server Settings Review
  • SNMP Analysis
  • Port Forwarding Rules Check

Future plans and download

“My plans are quite simple: expand the number of security checks, get more feedback from network engineers, and improve the accuracy of regular expressions. This will help minimize false-positive results and make configuration analysis even more reliable. Ultimately, I want Sara to become a popular tool for people working with MikroTik hardware,” Bazarov said.

Sara is available for free download on GitHub.

Must read:




Source link