Hikvision RCE Vulnerability

I double-checked: I’ve definitely disabled UPnP and P2P on the NVR and router. But I’m still able to use Hik-Connect remotely.
 

I also use Hik-Connect just fine. I was constantly getting illegal login attempts on my NVR and alerts from Xfinity about IP attempts on all previous cameras and then the new NVR. As soon as I turned off UPnP on the NVR and my router (as suggested by this board) I haven’t received one alert from NVR or router. Worked like a charm.
 
Hik-Connect requires either manual port forwarding, a port via UPnP, or P2P to operate; otherwise, how can you possibly view remotely?
I would not trust Hik P2P.
You only receive illegal login notifications when a bot tries to guess your password. If the attack occurs via a backdoor, you would never know.
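
A way to check the UPnP path mentioned above, added here as an example and not part of any poster's reply: the script lists UPnP port mappings and flags any that still point at the NVR. It assumes the NVR sits at 192.168.1.64 and that miniupnpc's `upnpc -l` is available for live use; the sample listing and the function names are constructed for illustration. It does not cover manual port forwards or P2P, which do not appear in this listing.

```shell
#!/bin/sh
# Added example: flag UPnP port mappings that point at the NVR.
# The NVR address and the sample listing are constructed values.

# Constructed sample in the layout printed by miniupnpc's `upnpc -l`.
sample_listing() {
cat <<'EOF'
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  8000->192.168.1.64:8000  'NVR SDK' '' 0
 1 TCP  51413->192.168.1.20:51413  'Transmission' '' 0
 2 TCP  554->192.168.1.64:554  'NVR RTSP' '' 0
EOF
}

# Read a listing on stdin; print "proto external_port internal_port"
# for every mapping whose internal address equals $1.
nvr_mappings() {
    awk -v ip="$1" '
        $2 == "TCP" || $2 == "UDP" {
            split($3, m, "->")            # m[1]=external port, m[2]=addr:port
            n = split(m[2], dst, ":")
            if (n == 2 && dst[1] == ip) print $2, m[1], dst[2]
        }'
}

# Return 0 when no mapping targets the NVR, 1 otherwise.
audit_nvr() {
    hits=$(nvr_mappings "$1")
    if [ -n "$hits" ]; then
        echo "UPnP still exposes $1:"
        echo "$hits"
        return 1
    fi
    echo "No UPnP mapping targets $1"
    return 0
}

# Live use (assumes miniupnpc is installed): upnpc -l | audit_nvr 192.168.1.64
sample_listing | audit_nvr 192.168.1.64 || true
```

A non-zero return from `audit_nvr` means the router is still publishing a mapping for the NVR even though UPnP was thought to be off.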
 
Hello guys, hope you guys are keeping well. As advised, I’m planning to purchase a good router with good VPN capabilities. Just wanted to clarify a few things regarding VPNs and their compatibility with Hikvision systems.


If I install a VPN on my router and then connect my DVR to the router, will I be the only person who would be able to access my DVR, as I’ll have the VPN certificate, username and login?

Would I still receive push notifications to my phone on apps like Hik-Connect and iVMS?

How would I access my camera feeds remotely? Would I still be able to use apps like Hik-Connect and iVMS, or would I have to access via a web browser? I am using an iPhone.

Really appreciate all the help you guys are providing. Thanks again.
 

Anyone that has the user and password could connect while connected to the LAN.

If they are away from the home, then they could only connect if they had the OpenVPN credentials.

When you are remote and connect back to OpenVPN, everything will work just like you are sitting at home, since you VPN'd back into your system.
 
Thanks again, Wittaj.
Just to clarify what you said: so a VPN is only effective when accessing remotely and would not provide any security if someone’s on my LAN?

And also, once I have the VPN installed on my router, would I stop receiving push notifications whilst I’m off my LAN?

Would I still be able to use apps like Hik-Connect remotely?
 
Yep, the VPN is only for use outside of the home. So anyone on the LAN that knows the user/pw and can find the IP address can log in.

Many of these devices require P2P to be working and the NVR connected to the internet in order to receive push notifications. If you lose push notifications when you fully secure your NVR, then you could use the Pushover app ($5) to have the NVR send out an email to Pushover that is then pushed out to their app.

You should be able to use Hik-Connect remotely when connected to the VPN unless they go and require internet access for Hik-Connect to work.
 
Thanks, Wittaj. I’ve purchased a Draytek 2866 from Amazon. I haven’t opened it; it’s still in the wrapper. Anyone know if they’re any good, and does anyone have any knowledge on how to set up my DVR on it?