So it kind of explains why people try and brute force them from our public ip’s.
It did (or nmap [my blog] did) detect open ports and some weaknesses on the rfc1918 lan and that hpkp was not setup up. More false flags where flagged up too referencing software which had no hardware to do things.
The next day i went through a system report and found no evidence of intrusion even though i did the test..
I also tried to brute force our internal routers of which was to get a wifi password hours went by and i was not the wiser even though i knew the password. Its interface was quite nice doing those ip <if> mode commands, but it did have root permissions.
After two hours and little extra insight of the zoo’s server from an inside address i decided to call it day with kali.