If you believe it was defaulted, it should be admin/admin like you tried. It's certainly possible to be hacked within 5 seconds with botnets out there scanning. I've talked to guys who've had Mikrotik hacked in minutes before they locked it down.
On Tue, Dec 3, 2019, 6:05 PM Nate Burke <n...@blastcomm.com> wrote: > We had a cable on a tower that had come loose in some strong winds and > rubbed through the jacket probably shorting out a bunch of wires inside > the cat5 (not actually breaking). Remarkably, the Ethernet port on the > mikrotik was still negotiating 1G, even through there was no RX Traffic > from the AP. When we got the cable fixed, the EPMP AP (1000 series) > appears to be at default settings, but I can't log into it. The Login > page comes up, but it returns invalid user/password. I'm trying > admin/admin. The AP is at it's default name in a Neighbor list, and > it's requesting a DHCP Address which is not how it was before the cable > problem. SSH doesn't allow login either. Tried setting the AP to > different IP Addresses via DHCP, and can always get to the HTTP Page, > but can't log in. > > We tried doing the default via power sequence on the tower before > replacing it, and that didn't seem to help. (Of course there's no way to > see if it actually worked either) Is there anything I should look at > before trying a reset via the reset button on the bench? > > When we first got the cable replaced, the AP grabbed a public DHCP > Address, Could it have been hacked in the 10 minutes it was on that > public IP Address? Are there cambium scanning bots flying around the > interwebs. Or do the SSH Commands for login and changing the password > match some other bot scan. > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
