Open Ubiquiti Report

This report identifies hosts that have the Ubiquiti Discovery service running and accessible on the Internet.

These services have the potential to be used in amplification attacks by criminals that wish to perform denial of service attacks. In addition, they expose a large amount of information about the system running the service.

The service is tested by sending a UDP packet containing a four-byte payload to UDP port 10001.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the response came on (always UDP)
  • port
    Port that the CharGen response came from
  • hostname
    Reverse DNS name of the device in question
  • tag
    This will always be ubiquiti
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • naics
    North American Industry Classification System Code
  • sic
    Standard Industrial Classification System Code
  • mac
    Media access control address (MAC address) of the device
  • radioname
    The trivial name of the device
  • essid
    The SSID name of the wireless (if available)
  • modelshort
    The short model name of the device
  • modelfull
    The full model name of the device
  • firmware
    The revision of firmware that the device is running
  • size
    The size (in bytes) of the response

Sample

"timestamp","ip","protocol","port","hostname","tag","asn","geo","region","city","naics","sic","mac","radioname","essid","modelshort","modelfull","firmware","size"
"2019-02-04 15:34:33","177.22.68.220","udp",10001,"220.68.22.177.strnet.com.br","ubiquiti",262890,"BR","SAO PAULO","TAMBAU",0,0,"0027223ae564","Sartori Tecnologia","NETTAMBAU23N-2","AG5-HP",,"XM.ar7240.v6.0.4-licensed.30805.170505.1649",164
"2019-02-04 15:34:33","195.32.35.53","udp",10001,"c-35-53.cust.wadsl.it","ubiquiti",205005,"IT","ASTI","MONTECHIARO D'ASTI",0,0,"802aa8b03d28","DETTORI Daniela","find-adsl","LB5",,"XW.ar934x.v6.0.4.30805.170505.1510",142
"2019-02-04 15:34:33","195.32.50.5","udp",10001,"c-50-5.cust.wadsl.it","ubiquiti",205005,"IT","TORINO","CHIERI",0,0,"00272210fbd9","Ferrante Marco","find-adsl","N5N",,"XM.ar7240.v6.0.4.30805.170505.1525",144
"2019-02-04 15:34:33","189.80.29.3","udp",10001,"189-80-29-3.rev.tricor.com.br","ubiquiti",7738,"BR","MINAS GERAIS","CAMBUQUIRA",0,0,"0418d664a43a","andrea.sbarbosa","TrAirTC103Max","AG5-HP",,"XW.ar934x.v5.6.5.29033.160515.2108",151
"2019-02-04 15:34:33","179.189.37.80","udp",10001,,"ubiquiti",52598,"BR","RIO GRANDE DO SUL","IMIGRANTE",0,0,"002722a050e7","Tiago Andre Levanaoski","asnet_daltrofilhoA","AG5-HP",,"XM.ar7240.v5.6.3.28591.151130.1749",163
"2019-02-04 15:34:33","168.205.233.249","udp",10001,"249-233-205-168.static.interpop.com.br","ubiquiti",264871,"BR","MINAS GERAIS","MATIAS CARDOSO",0,0,"0418d64af3da","CAMARA","InterPop - 023","N5B-16",,"XW.ar934x.v6.0.3.30600.170329.1817",144
"2019-02-04 15:34:33","69.80.247.177","udp",10001,"ip-69-80-247-177.wireless.static.fire2wire.com","ubiquiti",11191,"US","CALIFORNIA","HILMAR",0,0,"6872514a3d61","AirRouter HP","Mendonca","LAP-HP",,"XM.ar7240.v5.6.4.28924.160331.1253",155
"2019-02-04 15:34:33","31.44.149.93","udp",10001,,"ubiquiti",50129,"ES","ALICANTE","TORREVIEJA",0,0,"802aa828c3df","PLA21964","PH32-U2-P4","P5B-400",,"XW.ar934x.v6.0.1.30382.170317.1751",145
"2019-02-04 15:34:33","179.107.61.45","udp",10001,"45-61-107-179.clickturbo.com.br","ubiquiti",262346,"BR","GOIAS","MORRINHOS",0,0,"0027225cea66","RICARDO APARECIDO VIEIRA","CLICKTURBO-001-JDA-UBNT-S4","LM5",,"XM.ar7240.v5.6.8.29413.160715.1613",176
"2019-02-04 15:34:33","138.34.36.120","udp",10001,,"ubiquiti",577,"CA","ONTARIO","PEMBROKE",0,0,"802aa8fa1eea","WCCT - P Seville","Lisgar-5.8Sec-SW","N5B-19",,"XW.ar934x.v6.0.4.30805.170505.1510",156

Our 76 Report Types