fenderman
Staff member
- Mar 9, 2014
- 36,892
- 21,408
Its likely that you have not properly disabled the port forwarding. Hard reset both your router and your camera. Before connecting either to the internet, disable upnp on both.
DS-2CD2332 changing password on its own
- Thread starter spotco2
- Start date
Mike A.
Known around here
- May 6, 2017
- 4,163
- 6,969
Hmmm...
On the cam in the same config section where you found the UPnP setting, look under the tab there that says "Platform Access" and see if that's enabled. If so, then disable the check box and blank out whatever else you can.
Run the ShieldsUp scan again and see if there's anything reported.
Beyond that, not sure what else to check. Could be unrelated to security, especially if running some hacked firmware, but that's the usual issue with changed passwords on those cams (and many others).
On the cam in the same config section where you found the UPnP setting, look under the tab there that says "Platform Access" and see if that's enabled. If so, then disable the check box and blank out whatever else you can.
Run the ShieldsUp scan again and see if there's anything reported.
Beyond that, not sure what else to check. Could be unrelated to security, especially if running some hacked firmware, but that's the usual issue with changed passwords on those cams (and many others).
I can not access the camera period.
I have not changed anything as far as firmware or software since I purchased and installed it.
Results from scan of ports: 0-1055
0 Ports Open
2 Ports Closed
1054 Ports Stealth
---------------------
1056 Ports Tested
NO PORTS were found to be OPEN.
Ports found to be CLOSED were: 80, 554
Other than what is listed above, all ports are STEALTH.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Last edited:
Mike A.
Known around here
- May 6, 2017
- 4,163
- 6,969
Sorry, I missed that you said you couldn't access now with SADP . Maybe @alastairstevenson can help with that. He's the master for such things.
The ShieldsUp results makes me wonder some... "Closed" from it I believe means that there's some host/service there but that it refused the connection. Port 554 is RTSP (as used by cams). Not sure why that would show up at all on a port scan of your router unless there was something using RTSP that's exposed in some way through the router.
80 could be lots of things. Not likely the source of your problem here and not sure how Linksys does things but you should figure that out too. Make sure that the router's admin page isn't available externally unless you absolutely need it to be for some reason (likely not). Usually there's some setting for remote administration or something similar.
Edit to add: Actually 80 could be the cam's interface too so...
Last edited:
alastairstevenson
Staff member
This does confirm that inbound access to a device is still possible, quite likely a camera given the 554 port (RTSP).
All ports should be stealthed.
@Mike A. suggestion about Platform Access was valid - it's another vector for hacking activities.
If you've power-cycled the camera and still nothing in SADP, it may have been hacked to change more than the password.
With the Hikvision backdoor - anything is possible.
To recover bricked cameras, the brickfixV2 method should yield some results, and allow firmware updates to close the backdoor vulnerability :
It's not too hard, loads of people have used it with good results.
Unbrick and fully upgrade your R0 / DS-2CD2x32 IP cameras -
R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.
Unplugged the camera and plugged it back in today and seems to be working fine. No need to reset the password again.
alastairstevenson
Staff member
That's good.
It would be worth checking ShieldsUp! again.
That inbound access it found is unexplained.
Did you power cycle the router after disabling UPnP?
Sorry for the delayed response. Yes power cycled router.
Everything seems to be functioning as expected still. I will post back if anything changes. I appreciate all of the help from everyone.