Cameras seem to be hacked
- Thread starter AstroIROC
- Start date
mat200
IPCT Contributor
- Joined
- Jan 17, 2017
- Messages
- 14,018
- Reaction score
- 23,349
fenderman
Staff member
- Joined
- Mar 9, 2014
- Messages
- 36,905
- Reaction score
- 21,279
you must disable all port forwarding and UPNP BOTH on the router and the cameras.
there is no need for this when using blue iris.
Sounds like they are hacked for sure. As @fenderman said, disable upnp on both the router and cameras and do not forward the camera ports. If you're using international versions of the cameras (non-chinese) then you could update your firmware (which isn't necessary). But make sure to do your homework on this first as you can come into issues when updating firmware with grey market cameras.
as for recovering your cams, one way is a factory reset if you have physical access (via reset button on the back or inside the cam body).
Then run SADP to find them on your network and set them up again, after disabling UPNP in your router and rebooting it to clear any previously opened ports...
Then run SADP to find them on your network and set them up again, after disabling UPNP in your router and rebooting it to clear any previously opened ports...
Last edited:
My own opinion, for what that is worth, is that you should not update the firmware just for security reasons. Instead, prevent the cameras from internet access and don't worry about their vulnerabilities anymore. In fact, use their vulnerabilities to your advantage (for resetting forgotten passwords, for example).
SouthernYankee
IPCT Contributor
1) disable port forwarding, do not use scanned QR, disable uPNP at your router and in the camera, do not use P2P.
2) reset the cameras and reconfigure in blue iris.
3) block the cameras from the internet, either use a seperate network, (two nic cards in the BI PC) or at the router block the camera mac addresses
4) to remote access the BI machine use a VPN, use openVPN or a similar product. NOT commercial purchased VPN software.
5) do not use cloud anything.
6) at the camera level I do not set the gateway address, or the DNS address to valid addresses, but i do not think that this helps.
if the cameras are HACKED chinese cameras, they may have been infected before you purchased them.
2) reset the cameras and reconfigure in blue iris.
3) block the cameras from the internet, either use a seperate network, (two nic cards in the BI PC) or at the router block the camera mac addresses
4) to remote access the BI machine use a VPN, use openVPN or a similar product. NOT commercial purchased VPN software.
5) do not use cloud anything.
6) at the camera level I do not set the gateway address, or the DNS address to valid addresses, but i do not think that this helps.
if the cameras are HACKED chinese cameras, they may have been infected before you purchased them.
No (at least not from outside your network), thus the recommendation to use VPN...
If you are forwarding the http (web server) port of BI then yes, you can see your cameras outside of your network using the BI app.
I tend to agree with this, especially after seeing several people bricking their cameras after updating firmware. The best thing is to never port forward the ports on the cameras themselves. If you want to port forward instead of the VPN route (which many do), then just forward the BI web server port.
mat200
IPCT Contributor
- Joined
- Jan 17, 2017
- Messages
- 14,018
- Reaction score
- 23,349
fenderman
Staff member
- Joined
- Mar 9, 2014
- Messages
- 36,905
- Reaction score
- 21,279
Your cameras were hacked because the cameras were port forwarded, not blue iris.
Blue iris does not need the cameras themselves to be port forwarded. Its pointless.
For blue iris itself, its best to use a vpn.
Yes def, check out the VPN portion of the wiki.
It def sounds like the cameras were port forwarded OR UPnP was turned on, on the cameras and router. Either way, disable upnp on both the cameras and in the router, remove all port forwarding rules and check out the VPN portion of the wiki.
UPnP was on on the router and cameras, but the only port forward that was used was to the sever for blue iris
upnp can do it, disable everywhere
UPnP is da debbil. Terminate with extreme prejudice. Fo sho.
