looney2ns
IPCT Contributor
4.5.5.0 64bit constant camera drop outs
- Thread starter bctrainers
- Start date
looney2ns
IPCT Contributor
If you feel your cams have been hacked, it is my understanding that if you power down everything on your network for a few minutes, the bot or whatever will be erased. As most of them reside in the memory of the device. You must have everything powered down all at once.
I prefer NetTime because it is much better at keeping a system's clock accurate than Windows is -- and you really want your NTP server to be accurate.
Wow! This thread exploded in activity this past week!
I rechecked the pfSense box to ensure UPNP is configured to reject any and all port mapping requests. Sure enough, that was set many a time ago to deny anything and everything UPNP.
What did fix my issue in particular was downgrading BlueIris to 4.5.3.2 x64 (after spending a good while searching these forums =/ ). After the downgrade was installed, I went ahead and rebooted the machine that hosts BlueIris. Since then, all has been well.
I checked the PTZ Camera's network traffic logs on pfSense. I was, and still am, unable to find any foreign IP addresses on LAN or WAN having illicit access, or attempting to gain (from the outside in) access to the camera itself other than the source machine on LAN running BlueIris. That goes without saying, excluding me from directly accessing the camera. The only outgoing connections I've observed is the NTP IP address that i've configured, which goes to the pfSense router for its NTP daemon.
Making note, this IP camera is not permitted at the pfSense level to access the WAN/internet address space. The IP camera is also static assigned IPv4. The camera is effectively forbidden from being able to communicate with the internet.
For whatever it's worth, I pulled the cameras log file to see if there might be anything on it. This is what was returned when BlueIris was on the fritz. 192.168.20.5 is the source machine running BlueIris trying to connect to the IP camera. There's hundreds of lines of this repeated below...
I rechecked the pfSense box to ensure UPNP is configured to reject any and all port mapping requests. Sure enough, that was set many a time ago to deny anything and everything UPNP.
What did fix my issue in particular was downgrading BlueIris to 4.5.3.2 x64 (after spending a good while searching these forums =/ ). After the downgrade was installed, I went ahead and rebooted the machine that hosts BlueIris. Since then, all has been well.
I checked the PTZ Camera's network traffic logs on pfSense. I was, and still am, unable to find any foreign IP addresses on LAN or WAN having illicit access, or attempting to gain (from the outside in) access to the camera itself other than the source machine on LAN running BlueIris. That goes without saying, excluding me from directly accessing the camera. The only outgoing connections I've observed is the NTP IP address that i've configured, which goes to the pfSense router for its NTP daemon.
Making note, this IP camera is not permitted at the pfSense level to access the WAN/internet address space. The IP camera is also static assigned IPv4. The camera is effectively forbidden from being able to communicate with the internet.
For whatever it's worth, I pulled the cameras log file to see if there might be anything on it. This is what was returned when BlueIris was on the fritz. 192.168.20.5 is the source machine running BlueIris trying to connect to the IP camera. There's hundreds of lines of this repeated below...
Code:
01407 2017-05-10 05:01:08 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01408 2017-05-10 05:01:08 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01409 2017-05-10 05:01:08 Log In[User admin LogIn by DVRIP-Web:192.168.20.5]
01410 2017-05-10 05:02:05 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01411 2017-05-10 05:02:05 Log In[User admin LogIn by DVRIP-Web:192.168.20.5]
01412 2017-05-10 05:03:02 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01413 2017-05-10 05:03:02 Log In[User admin LogIn by DVRIP-Web:192.168.20.5]
01414 2017-05-10 05:04:20 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01415 2017-05-10 05:04:20 Log In[User admin LogIn by DVRIP-Web:192.168.20.5]
01416 2017-05-10 05:05:16 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]
01417 2017-05-10 05:05:17 Log In[User admin LogIn by DVRIP-Web:192.168.20.5]
01418 2017-05-10 05:06:13 Log Out[User admin LogOut by DVRIP-Web:192.168.20.5]So my Windows Time service stopped working once I installed the Creator update. Does NetTime also act as a NTP server or do I still need to use the Windows Time service?