This article has been written to expose how unsecured is MikroTik after the first boot and specify some common problems. Many services are running on every network interface, password is not set, default user rights and many others. MikroTik developers preferred that way, because they want to give the opportunity at user to configure them as he wants.

Unfortunately you have not only to disable some services, you will also have to add firewall rules and access lists in order to have a secured router inside a huge network. Hopefully all tools we need are inside MikroTik's firewall (an excellent front-end for IpTables).

Except from the security issues, older versions of MikroTik (that are not able to upgraded any more) may have unsolved bugs. Most important problems are covered here too.