Yeah it was stupid to go full DMZ and not to change the default password..
But did't think it would happen that quick...
But then again its was Saturday night
Based on the mac address they could see that it was a Raspberry. All berry's start with this mac address b8:27:eb:XX:XX:XX
It's freaky that it happend so quick. My first modem was in bridge modes and I remember that one day I was lazy to check the ip of my xbox.
So I did a lan scan my pc was connected directly so the result was not what I expected. Because it returned also everybody that was on the same node as I was. That day I installed a Router/firewall because I needed a home network. And seeing all those different IP's made me scary that someone could get in to my pc.
So I am not surprised that it happend, only that it happend so quick.
And I want to know if there is away to get in to the log . I am just curious to find out what is been done, our how did it
Also one strange thing to note: my ISP blocks all in coming connection below 1024 for security reasons
So yes, port 22 is below 1024 so in theory this could not happen.
Maybe policies have changed after I left them 3 years ago. And DMZ is wide open now.
Back when I was working for that ISP I needed to change many ports above 1024 to make servers/services work.
Check out my website
http://dcnigma.eu5.org just a personal blog/website.
To keep track of my projects, Arcade Cabinets, Dreamcast mods, Raspberry Pi mods, Software, Design,
Homebrew Games, Rom Hacks, 3D prints, Strange things and many more