Device Parameters Concerning

noturname

n3wb
Jul 16, 2024
Hello, I recently purchased a HikVision Turret Camera model DS-2CD2347G2H-LISU/SL 2.8mm and as I was setting it up I decided to download the device parameters for review. As I am scanning the pages there is a lot in there that is not making sense. I'm not exactly an expert in reading this stuff but I got a good idea and I'm not exactly sure why it would be running scripts on my network in command line. If someone would take some time and do a run through and see if anything sticks out as abnormal please let me know. File is attached and here are the VirusTotal results for it: Scanned Camera Parameters

Thanks in advance

 
Unless I'm missing something, the text file is not downloadable.

I'm 99% sure it's all fine though.
 
I'm not exactly an expert in reading this stuff but I got a good idea and I'm not exactly sure why it would be running scripts on my network in command line.
Yes, we can't pull the file out of VirusTotal to see the contents.
The exported configuration won't be running scripts, it's just using a recognised structure to hold the variables.
Though often it's XML format as opposed to javascript.
 
Reactions: looney2ns
Yes, we can't pull the file out of VirusTotal to see the contents.
The exported configuration won't be running scripts, it's just using a recognised structure to hold the variables.
Though often it's XML format as opposed to javascript.
Oddly enough it won't let me attach the actual file either. It's a .txt file and the reason I think it's running scripts is because inside there is a print of netstat -an being run with my IP info.
 
That's just normal debug to show network service information of the device.

Not a sign of doing nefarious things on your network.

Having said that, the advice is always to not allow any camera etc access to the Internet.

Also, you likely are not exporting the configuration. It's diagnostics info.
 
Reactions: alastairstevenson
That's just normal debug to show network service information of the device.

Not a sign of doing nefarious things on your network.

Having said that, the advice is always to not allow any camera etc access to the Internet.

Also, you likely are not exporting the configuration. It's diagnostics info.
Yes I think you are right. I get not allowing them to access the internet but I've not had any luck setting up my home network. I was gifted a ThinkServer TS140 and was all gung-ho about getting it set up just to run the cameras and BI but I found out recently I can't put Windows 10 on it. So I'm having issues to say the least and that is for another thread. I will get the diagnostics and just copy some of the txt and paste it when I get it from my laptop. There are a couple things here and there but it looks like I may be worried about nothing. I appreciate the responses regardless.
 
Yes all this is normal diagnostics info - triggered by you in the web interface.

Helpful to fix problems, for support etc. You can see in the process list that /usr/sbin/diag is running (and producing this output)

Nothing there that's a security risk.

Code:
 1544  1543 admin    S     3192  1.4   0  0.0 {diag} /bin/sh /usr/sbin/diag
 1543  1071 admin    S     3192  1.4   0  0.0 sh -c diag

For your peace of mind - this is /usr/sbin/diag script from one of mine (may have a few differences as probably a different camera platform)

Code:
# cat /usr/sbin/diag
#!/bin/sh

usage()
{
        echo "***********************************************************"
        echo "USAGE:"
        echo "diag [object]"
        echo "object: default all"
        echo "  net  : Network log collection"
        echo "  mem  : Memory log collection"
        echo "  flash: Flash log collection"
        echo "  wifi : wifi log collection"
        echo "  cellular : cellular log collection"
        echo "  all  : all above"
        echo "eg."
        echo "  diag all"
        echo "***********************************************************"
}

if [ $# -eq 0 ] ; then
        opt="all"
elif [ $# -eq 1 ]; then
        opt=$1
else
        usage
        exit 1
fi

baselog()
{
        echo "########################################################################################";
        echo "################################ Base log collection ################################";
        echo "########################################################################################";
        echo "=====prtHardInfo=====";
        prtHardInfo;
        echo "=========uptime======";
        cat /proc/uptime;
        echo "=========date========";
        date;
        echo "=======version=======";
        cat /proc/debug/version;
        echo "==========ps=========";
        ps;
        echo "========ps -T========";
        ps -T;

        return 0;
}

netlog()
{
        echo "########################################################################################";
        echo "################################ Network log collection ################################";
        echo "########################################################################################";
        echo "======ifconfig=======";
        ifconfig;
        sleep 1;
        echo "======ifconfig=======";
        ifconfig;
        sleep 1;
        echo "======ifconfig=======";
        ifconfig;
        echo "====netstat -an======";
        netstat -an;
        sleep 1;
        echo "====netstat -an======";
        netstat -an;
        sleep 1;
        echo "====netstat -an======";
        netstat -an;
        echo "=====interrupts======";
        cat /proc/interrupts;
        sleep 1;
        echo "=====interrupts======";
        cat /proc/interrupts;
        sleep 1;
        echo "=====interrupts======";
        cat /proc/interrupts;
        echo "========arp==========";
        cat /proc/net/arp;
        echo "======rt_cache=======";
        cat /proc/net/rt_cache;
        echo "========route========";
        route -n;
        echo "=======iptables======";
        iptables -L;
        sleep 1;
        echo "=======snmp=======";
        cat /proc/net/snmp;
        echo "=======speed=======";
        cat /sys/class/net/eth0/speed;
        echo "=======sockstat=======";
        cat /proc/net/sockstat;
        echo "=======emac_link=======";
        cat /proc/net/emac_link;
        echo "=======emac_link=======";
        cat /proc/debug/emac_link;
        echo "=======network_deamon=======";
        cat /log/network_log;

        return 0;
}

memlog()
{
        echo "########################################################################################";
        echo "################################ Memory log collection #################################";
        echo "########################################################################################";
        echo "=========free========";
        free;
        echo "=========top========";
        top -n 3 -d 1;
        echo "=========mpstat========";
        mpstat;
        echo "=========meminfo========";
        cat /proc/meminfo;
        sleep 1;
        echo "=========meminfo========";
        cat /proc/meminfo;
        sleep 1;
        echo "=========meminfo========";
        cat /proc/meminfo;
        echo "=========slabinfo=======";
        cat /proc/slabinfo;
        sleep 1;
        echo "=========slabinfo=======";
        cat /proc/slabinfo;
        sleep 1;
        echo "=========slabinfo=======";
        cat /proc/slabinfo;
        echo "=========zoneinfo=======";
        cat /proc/zoneinfo;
        sleep 1;
        echo "=========sysrq-m========";
        echo m > /proc/sysrq-trigger;

        return 0;
}

flashlog()
{
        echo "########################################################################################";
        echo "################################ Flash log collection ##################################";
        echo "########################################################################################";
        echo "===========df-m=========";
        df -h;
        echo "===========mount========";
        mount;
        echo "===========iostat========";
        iostat;
        echo "===========yaffs========";
        cat /proc/yaffs;
        echo "=======ubi1-max_ec======";
        cat /sys/class/ubi/ubi1_0/device/max_ec;
        echo "===ubi1-bad_peb_count===";
        cat /sys/class/ubi/ubi1_0/device/bad_peb_count;
        echo "=======ubi2-max_ec======";
        cat /sys/class/ubi/ubi2_0/device/max_ec;
        echo "===ubi2-bad_peb_count===";
        cat /sys/class/ubi/ubi2_0/device/bad_peb_count;
        echo "=======ubi3-max_ec======";
        cat /sys/class/ubi/ubi3_0/device/max_ec;
        echo "===ubi3-bad_peb_count===";
        cat /sys/class/ubi/ubi3_0/device/bad_peb_count;
        echo "=======ubi4-max_ec======";
        cat /sys/class/ubi/ubi4_0/device/max_ec;
        echo "===ubi4-bad_peb_count===";
        cat /sys/class/ubi/ubi4_0/device/bad_peb_count;
        echo "===cmdline===";
        cat /proc/cmdline;

        return 0;
}

wifilog()
{
        echo "########################################################################################";
        echo "################################ wifi log collection ###################################";
        echo "########################################################################################";
        echo "========getWifiInfo=====";
        getWifiInfo;
        echo "===========wl ver=======";
        wl ver;
        echo "==========ifconfig======";
        ifconfig -a;
        echo "==========wl status=====";
        wl status;
        echo "===========lsmod========";
        lsmod;

        return 0;
}

cellularlog()
{
        echo "########################################################################################";
        echo "################################ cellular log collection ###################################";
        echo "########################################################################################";
        echo "========update cellular log=====";
        cellulardebug log 7;
        sleep 2;
        echo "===========get /davinci/cellular_info.log=======";
        cat /davinci/cellular_info.log;
        sleep 2;
        echo "==========get /var/log/cellular.log======";
        cat /var/log/cellular.log;
        sleep 2;
        echo "==========ifconfig======";
        ifconfig -a;
        sleep 1;
        echo "===========route========";
        route -n;
        sleep 1;
        echo "===========dns========";
        cat /etc/resolv.conf;
    sleep 1;
    echo "==========OpenHIK.log=========="
    cat /davinci/OpenHIK.log;

        return 0;
}

case $opt in
net)
        sdmesg;
        baselog;
        netlog;
        sdmesg;
        ;;
mem)
        sdmesg;
        baselog;
        memlog;
        sdmesg;
        ;;
flash)
        sdmesg;
        baselog;
        flashlog;
        sdmesg;
        ;;
wifi)
        sdmesg;
        baselog;
        wifilog;
        sdmesg;
        ;;
cellular)
        sdmesg;
        cellularlog;
        ;;
all)
        sdmesg;
        baselog;
        netlog;
        memlog;
        flashlog;
        wifilog;
        cellularlog;
        sdmesg
        ;;
-h)
        usage
        ;;
*)
        echo "$1 is not supported,please enter ‘diagnose -h’!"
        exit 1
esac

exit 0
 
Reactions: alastairstevenson
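
Added example, not part of the thread and not Hikvision's code: a way to review a saved diagnostics dump on your own machine, pulling the listening ports and any established connections to non-LAN addresses out of the `netstat -an` sections that the `diag` script above prints. It assumes the `====name====` headers shown in that script and BusyBox-style netstat columns; the sample text and addresses are constructed.

```python
import ipaddress
import re

# Constructed sample of "diag net" output (documentation addresses, not a real camera).
SAMPLE = """\
======ifconfig=======
eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
====netstat -an======
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:554             0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.64:80         192.168.1.10:51514      ESTABLISHED
tcp        0      0 192.168.1.64:40112      203.0.113.10:443        ESTABLISHED
====netstat -an======
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.64:40112      203.0.113.10:443        ESTABLISHED
========arp==========
IP address       HW type     Flags       HW address            Mask     Device
"""

HEADER = re.compile(r"=+\s*([^=].*?)\s*=+")  # e.g. "====netstat -an======"
LAN = [ipaddress.ip_network(n) for n in
       ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def is_external(host):
    """True if host is outside RFC 1918, loopback and link-local IPv4 space."""
    ip = ipaddress.ip_address(host)
    ip = getattr(ip, "ipv4_mapped", None) or ip  # unwrap ::ffff:a.b.c.d
    return not any(ip in net for net in LAN)

def summarize_netstat(text):
    """Return (listening TCP ports, established TCP peers outside the LAN)."""
    listening, external, section = set(), set(), None
    for line in text.splitlines():
        m = HEADER.fullmatch(line.strip())
        if m:
            section = m.group(1)  # the same section name repeats for each sample
            continue
        f = line.split()
        # Only TCP rows inside a netstat section carry a State column (6 fields).
        if section != "netstat -an" or len(f) < 6 or not f[0].startswith("tcp"):
            continue
        local, remote, state = f[3], f[4], f[5]
        if state == "LISTEN":
            listening.add(int(local.rsplit(":", 1)[1]))
        elif state == "ESTABLISHED" and is_external(remote.rsplit(":", 1)[0]):
            external.add(remote)
    return sorted(listening), sorted(external)

if __name__ == "__main__":
    print(summarize_netstat(SAMPLE))
```

An empty second list means the dump shows no established TCP session from the camera to anything outside the local network at the moment the diagnostics were taken.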