Hitting cameras web pages with a laptop in an NVR with POE

Camera Guy999 said:
Maybe you mate ? lol

And I don’t need to re read it, he gave a comprehensive talk on something that can now be done in 3 seconds Flat…

never mind hey? You tried and you failed… nothing to be ashamed of lol
Click to expand...

You are wrong. There are examples daily about cameras and NVR's being hacked.

VPN Primer for Noobs | IP Cam Talk

Hikvision Honeypot Hackathon

We get quite a lot of posts about port forwarding - and quite a lot of good advice in response about the risks, and pointers to more secure remote access methods. And we still get posts related to the Hikvision backdoor vulnerability, where camera passwords are mysteriously lost, or cameras...
ipcamtalk.com ipcamtalk.com

Cyber Security

ipcamtalk.com ipcamtalk.com
 
  • Like
Reactions: TonyR and bigredfish
looney2ns said:
You are wrong. There are examples daily about cameras and NVR's being hacked.

VPN Primer for Noobs | IP Cam Talk

Hikvision Honeypot Hackathon

We get quite a lot of posts about port forwarding - and quite a lot of good advice in response about the risks, and pointers to more secure remote access methods. And we still get posts related to the Hikvision backdoor vulnerability, where camera passwords are mysteriously lost, or cameras...
ipcamtalk.com ipcamtalk.com

Cyber Security

ipcamtalk.com ipcamtalk.com
Click to expand...

lol - from the mouths of people with no clue…
I’m a network engineer by trade turned cctv engineer.
let me explain for you…. When you port forward you open a direct line to that port only no where else so let’s say adding port :8091 and pointing it to your NVR, this would only take you to your NVR’s login screen where if you you have it set up right you get six attempts then the nvr blacklists you for x amount of minutes which increase each time until it blocks access to you.

Besides the fact your ip will most likely be dynamic even if you have a static ip your router should have port sniffing protection turned on so you can’t simply use a site or software to find open ports….

In short if you were hacked in this manor it would be your own fault for sharing the ip and port number , guessing these is like guessing the lottery numbers if you can’t Port scan lol
 
Camera Guy999 said:
lol - from the mouths of people with no clue…
I’m a network engineer by trade turned cctv engineer.
let me explain for you…. When you port forward you open a direct line to that port only no where else so let’s say adding port :8091 and pointing it to your NVR, this would only take you to your NVR’s login screen where if you you have it set up right you get six attempts then the nvr blacklists you for x amount of minutes which increase each time until it blocks access to you.

Besides the fact your ip will most likely be dynamic even if you have a static ip your router should have port sniffing protection turned on so you can’t simply use a site or software to find open ports….

In short if you were hacked in this manor it would be your own fault for sharing the ip and port number , guessing these is like guessing the lottery numbers if you can’t Port scan lol
Click to expand...
I don't want you engineering my network.
You should know better.

It's funny. Some of the most dangerous advice we've had on this board is from people claiming to be "I work an IT or I'm a network engineer." You troll much?
 
  • Like
  • Love
Reactions: Yo Momma, sebastiantombs, bigredfish and 1 other person
Camera Guy999 said:
lol - from the mouths of people with no clue…
I’m a network engineer by trade turned cctv engineer.
Click to expand...
I've known plenty of "engineers" that couldn't pour pee out of a boot if the instructions were written on the heel.
That degree, certification or title means that once upon a time you took a test or two and knew the correct answers, that's all.
So you have a framed piece of paper to hang on the wall? If you do, I think you'll get better use out of it by wiping your ass with it.
Camera Guy999 said:
Besides the fact your ip will most likely be dynamic even if you have a static ip your router should have port sniffing protection turned on so you can’t simply use a site or software to find open ports….
Click to expand...
Instead of "dynamic" or "static" IP don't you mean "public" or "private" IP? I guess to a skilled "network engineer" with a "port scanner" it shouldn't matter, right?

Now THAT was a rant! :p:headbang:
 
Last edited:
  • Like
  • Love
Reactions: sebastiantombs, bigredfish and looney2ns
TonyR said:
I've known plenty of "engineers" that couldn't pour pee out of a boot if the instructions were written on the heel.
That degree, certification or title means that once upon a time you took a test or two and knew the correct answers, that's all.
So you have a framed piece of paper to hang on the wall? If you do, I think you'll get better use out of it by wiping your ass with it.

Instead of "dynamic" or "static" IP don't you mean "public" or "private" IP? I guess to a skilled "network engineer" with a "port scanner" it shouldn't matter, right?

Now THAT was a rant! :p:headbang:
Click to expand...

that’s not a rant that’s just a bellend who failed to understand plus my “certificate” trumps your failure at GCSE’s or what ever the special school you attended gave out ;)

As for your public and private ip comment…

That would be the rant of someone who hasn’t got a clue who went to google for answers before commenting so he could sound like he understood…;)

a dynamic ip is obtained by your router on restart and changes every time your router restarts…

a static ip is an IP purchased from your provider usually in a block and will allow you to maintain access to your kit remotely without the use of say tunnelling or peer to peer …

but of course as a “straight to google when you don’t have a clue” connoisseur you already knew that? :highfive:;)

Better luck next time hey? lol
 
  • Haha
  • Like
  • Wow
Reactions: Yo Momma, sebastiantombs, TonyR and 1 other person
Camera Guy999 said:
a dynamic ip is obtained by your router on restart and changes every time your router restarts…

a static ip is an IP purchased from your provider usually in a block and will allow you to maintain access to your kit remotely without the use of say tunnelling or peer to peer …
Click to expand...
OK, so you passed my little test...you DO know how to Google! :lmao:
 
  • Like
Reactions: sebastiantombs, looney2ns and Flintstone61
Camera Guy999 said:
Lol that’s your comeback some poor attempt to rehash my comment? Good job… ;):thumb:
Click to expand...
Thanks, I appreciate your insight. Now here's mine:

You stated "a dynamic ip is obtained by your router on restart and changes every time your router restarts… "
That is NOT necessarily true...did you read that somewhere or did your network engineering class teacher tell you that?

Your problem is although you might be very knowledgeable when it comes to networking, you think you know all there is to know about the subject...and that makes you 'dangerous'.

In my case, I know what I know BUT...I also recognize my shortcomings on a particular topic and my ears and eyes are open and functioning. The Good Lord gave me two eyes, two ears but only one mouth for a good reason.

Not all of my knowledge is based on what I read or was taught and most has been gained by practical, hands-on experience. As stated in my signature, "Knowledge and wisdom don't always arrive on the same bus."

I sincerely wish you good luck with your future posts on this forum and perhaps in this thread, as I don't plan on engaging you any more on this particular thread or topic. I do hope you are able to contribute something of value to those that come here to obtain answers and help and I do not want them to waste their time wading through this type of useless exchange between its members. To them I am sorry that I may have contributed to that waste or confusion.

I won't elaborate but I may not have as much time to participate on this forum as I would like, not too sure of the future but in any event, I don't want to spend it like this...it's of no value to anyone, including myself.

Again, best wishes. :cool:
 
Last edited:
  • Like
  • Love
Reactions: AP514, Yo Momma, sebastiantombs and 3 others
Camera Guy999 said:
lol - from the mouths of people with no clue…
I’m a network engineer by trade turned cctv engineer.
let me explain for you…. When you port forward you open a direct line to that port only no where else so let’s say adding port :8091 and pointing it to your NVR, this would only take you to your NVR’s login screen where if you you have it set up right you get six attempts then the nvr blacklists you for x amount of minutes which increase each time until it blocks access to you.

Besides the fact your ip will most likely be dynamic even if you have a static ip your router should have port sniffing protection turned on so you can’t simply use a site or software to find open ports….

In short if you were hacked in this manor it would be your own fault for sharing the ip and port number , guessing these is like guessing the lottery numbers if you can’t Port scan lol
Click to expand...
WOW, I guess the "Other Network engineers" who scan and probe businesses networks for exploits, and tell the clients they will be shutting down their credit card readers because of open ports to a NVR have just been telling us a bunch of bullshit the last 6 years.
I'm sure mastercard and visa don't know what they are talking about anyway. Sure its only a little risk and we can chance also that there is not other equipment on that network that is not patched or had weak credentials. So Yes go ahead and leave it open.
Great advise.
 
  • Like
  • Haha
Reactions: Yo Momma, sebastiantombs, TonyR and 1 other person
You must log in or register to reply here.
Top Bottom