no I did not use the default password. I used a randomly generated 8 symbol password. One that I thought was secure. anyway changing the password to a new one did in deed put a bandage on. And ssh is no longer exposed to the wan. But there are still attempts.
Code:Mar 4 04:46:37 dropbear[29942]: Bad password attempt for 'admin' from 27.72.233.207:39365 Mar 4 04:46:40 dropbear[29942]: Exit before auth (user 'admin', 1 fails): Exited normally Mar 4 05:54:30 dropbear[1347]: Bad password attempt for 'admin' from 188.72.166.216:44423 Mar 4 05:54:36 dropbear[1347]: Exit before auth (user 'admin', 1 fails): Exited normally
You've confirmed that your password was something other than the default password, but you haven't answered Colin's question: "Did you have "Web Access from WAN" enabled?"
https://www.snbforums.com/threads/was-my-router-owned.37860/#post-311497
It's quite important we know: if the answer's yes, people will be relieved, and if no, there will be concern.