DS-2Cd23035-i qustion

[haku]

Hey guys I bought a couple of Ds2-CD23035-i cameras back in 2016, FW V5.3.6 and a NVR

I never got around to installing them as plans changed.


I noticed that now there is a backdoor exploit for any FW lower than 5.4.4

Since this camera was a grey market (CN to EN hacked), I know updating the FW would revert back to CN language.


My question is, if I make it it so that the camera system is only local based (no remote access), would that still be 'safe' to do?

we are just wanting it to point the camera at the driveway and record when things come by.

If not, I will just buy another set, too bad the cameras were never used

thanks

 

[watchful_ip]

Yes - restrict access to your local LAN and they are fine.
Also can also set a nonsense gateway on the cameras and they can't talk to the Internet.

 

[richardcheese]

How do you do that?

 

[watchful_ip]

On the camera, where you set the IP.

Instead of the real gateway address for your network (usually the IP of you router), give it something else entirely.

E.g.

Cam IP: 192.168.0.10
Real Gateway: 192.168.0.1
Made up Gateway: 172.16.0.1

Then when camera tries to talk the Internet - or even respond to a non local address should your router somehow route traffic from the Internet to it, it will try to do so via 172.16.0.1 (which won't exist).

 

[richardcheese]

Thanks, what about an NVR? Can some sort of remote view still work?

Could a PC on the same network technically hacked and be a route in or is that more secure?

 

[watchful_ip]

Best for any embedded devices not to be externally routable if possible (i.e. can't talk to Internet). It's recommended to use a VPN if you need remote access to them.

Yes your PC can be potentially hacked/compromised and used to access you local network from the Internet. After all you need your PC to be able to talk to the Internet typically. That's why firewall, anti virus, malware checkers and other sensible computer security best practices should be followed.

 

[haku]

How do you do that?

I basically connected all the cams to my NVR, and the NVR is only connected to a monitor/mouse set up. No ethernet/wifi etc. Unfortunately not able to view remotely.