Critical flaws found in Amcrest security cameras - Amcrest Hid info for 18 months

Discussion in 'Cyber Security' started by fenderman, Jun 12, 2019.

  1. fenderman

    fenderman Staff Member

    "As the 2017 date on the CVEs makes clear, Amcrest has known about these flaws for at least 18 months or more. It offered updated firmware a few months ago but delayed telling owners about the security aspect of its purpose in order to “give users time to update.”"

    Critical flaws found in Amcrest security cameras
     
    Mike, looney2ns, TL1096r and 4 others like this.
  2. alastairstevenson

    alastairstevenson Staff Member

    Ouch!
     
    Ssayer and fenderman like this.
  3. Ssayer

    Ssayer Pulling my weight

    Add another of a zillion reasons to not allow your cams to be accessible from the net, eh?
     
  4. Chris TT

    Chris TT Young grasshopper

    Is there a way to test if your cameras can access the internet? I've placed mine on a blacklist in the router... But I would like to see if that is effective. And yes, in my Blue Iris system I do have Amcrest cams.
     
  5. mikeynags

    mikeynags Getting the hang of it

    Chris - if you have a default gateway configured (barring any other security device) those cams have access to the internet. You’ll typically see NTP traffic, but the Amcrest are notorious for calling home: even when you shut every option off in the Web GUI, it will still attempt connections out.
     
  6. Chris TT

    Chris TT Young grasshopper

    Thanks. Will removing the gateways cause any other issues? I imagine I should still be able to access the cams for adjustments on their native UIs.
     
  7. mikeynags

    mikeynags Getting the hang of it

    Other than time drift potentially being an issue, I don't see any other issues unless you view your cameras remotely by connecting directly to them - which is not a good idea.
     
  8. Chris TT

    Chris TT Young grasshopper

    OK will test. I don't connect directly to cams. I do see some time drift, so I'm hoping the router blacklisting was working all along. Network is behind a VPN. Also need to look into a local time server... seen references to that as a solution.

    The camera UI is forcing a Gateway address of the same segment, what do you recommend?
    I put the same address as the camera IP to try one
     
    Last edited: Jun 16, 2019
  9. mikeynags

    mikeynags Getting the hang of it

    How is the camera set up to obtain an IP? Is it set to automatic/DHCP? You may be able to change it to manual and set it to the current IP address and subnet mask and leave the default gateway blank.
     
  10. Chris TT

    Chris TT Young grasshopper

    Hi, the cameras have reserved IP addresses outside the DHCP range.
    The camera's UI is set to STATIC IP. It's forcing a gateway of the same segment. Can't leave it blank.
    I'm thinking though a gateway circular reference to its own IP would sufficiently block access to internet.... I hope.
     
  11. Ssayer

    Ssayer Pulling my weight

    Just in case you've missed it. If you install Network Time on your BI machine, your cams can use it (NTP) to get the correct time and eliminate time drift...
     
  12. looney2ns

    looney2ns IPCT Contributor

    NetTime - Network Time Synchronization Tool
     
  13. Chris TT

    Chris TT Young grasshopper

    Thanks, this keeps the BI server time updated. How do I pass this to the cams for their native time/date to remain updated?
    On some cams I use the native cam software to provide date/time, instead of Blue Iris.
     
  14. Ssayer

    Ssayer Pulling my weight

    ? This turns your BI machine into an NTP server. You set your cameras up via their setups to look to your BI machine instead of one of the internet NTP servers...
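
An added example, not part of any post in this thread: one way to check whether a router block on the cameras is effective is to log their traffic at the router and list every destination outside the LAN. It assumes netfilter LOG-style lines, a 192.168.1.0/24 LAN and two camera addresses, all constructed for illustration; NTP to a local server, as suggested above, stays on the LAN and is not flagged.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions (not from the thread): LAN subnet, camera addresses, and
# netfilter LOG-style lines from a router rule that logs camera traffic.
LAN = ipaddress.ip_network("192.168.1.0/24")
CAMERAS = {"192.168.1.108", "192.168.1.109"}

# Constructed sample log; off-LAN destinations use documentation address ranges.
SAMPLE_LOG = """\
Jun 16 10:01:02 router kernel: CAM IN=br0 OUT=eth0 SRC=192.168.1.108 DST=203.0.113.7 LEN=76 PROTO=UDP SPT=123 DPT=123
Jun 16 10:01:05 router kernel: CAM IN=br0 OUT=eth0 SRC=192.168.1.108 DST=198.51.100.20 LEN=60 PROTO=TCP SPT=41822 DPT=443
Jun 16 10:02:11 router kernel: CAM IN=br0 OUT=br0 SRC=192.168.1.109 DST=192.168.1.10 LEN=76 PROTO=UDP SPT=123 DPT=123
Jun 16 10:02:40 router kernel: CAM IN=br0 OUT=eth0 SRC=192.168.1.50 DST=198.51.100.20 LEN=60 PROTO=TCP SPT=50100 DPT=443
Jun 16 10:03:00 router kernel: garbled line without fields
"""

FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def camera_egress(log_text, cameras=CAMERAS, lan=LAN):
    """Return {camera_ip: {(dst, proto, dport, kind), ...}} for off-LAN traffic."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if f.get("SRC") not in cameras or "DST" not in f:
            continue  # not a camera, or no parsable destination on this line
        try:
            dst = ipaddress.ip_address(f["DST"])
        except ValueError:
            continue  # malformed address field
        if dst in lan:
            continue  # stays on the local segment (e.g. a local NTP server)
        proto, dport = f.get("PROTO", "?"), f.get("DPT", "-")
        # Separate expected time sync from everything else the camera sends out.
        kind = "ntp" if (proto, dport) == ("UDP", "123") else "other"
        hits[f["SRC"]].add((str(dst), proto, dport, kind))
    return dict(hits)

if __name__ == "__main__":
    for cam, flows in sorted(camera_egress(SAMPLE_LOG).items()):
        for dst, proto, dport, kind in sorted(flows):
            print(f"{cam} -> {dst} {proto}/{dport} [{kind}]")
```

An empty result over a period in which the cameras were powered on and logging was active indicates the block is holding; any entry tagged `other` is traffic the web GUI settings did not stop.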