Dude, it's not funny. You're coming across like a script kiddie and it's not welcome here. You've just posted the credentials to someone's site that has probably been compromised and you're treating it like a joke. Go back and redact the IP addresses of those sites & devices before you get yourself into trouble.
Um. I guaran-damn-tee you that the router in question was compromised within a day or seven of it being stood up.
The default credentials on every bit of UBNT hardware that I've used grant access to both the web UI and admin SSH access. So, the access attempts that WillieStevenson has noticed coming from that IP are most likely coming from the router itself.
I can't see any reasonable reason for redacting the IPs that are making those access attempts, and I see no reason at all for redacting static, factory default usernames and passwords.
Look. Malicious boxes are attacking me. Although I must be politically correct in this situation to probably please everyone, while I probably shouldn't have logged into the router in question, I would prefer to publish such IPs because they have the potential to harm other machines.
Actually that particular IP attacked me more than 170 times.
It may be useful to others to keep this address on their "naughty" list of hosts to ban.
I don't think there's a need to publish those addresses. There are already lists with those IPs available (https://www.openbl.org/). Telling people that the IP had default password on the router will only cause the problem to the owner who may not even be aware of the attack. Proxies / worms for ssh scanning are very common, so maybe you just helped people break some Joe Random's home network.
> I don't think there's a need to publish those addresses. There are already lists with those IPs available...
Interestingly, the IP address of that router is _not_ present in either the base (attacks within the past 360 days) list or the delisted (manually removed from the base list by the person in question) list.
It's almost like no single list is terribly likely to be complete, and that publishing collation of a master list is required for completeness. :)
