Looking for advice in locking down my system

bfollowell

Young grasshopper
Joined
Dec 11, 2015
Messages
77
Reaction score
22
Location
Evansville, IN
Currently, our camera setup includes a Hikvision DS-2CD2442FWD-IW in our great room and a cheap Foscam R4S monitoring the inside of our garage. They're both connected via ethernet and recorded through Blue Iris. I plan to start adding outdoor cameras soon, but that's what we have now.

A week or two ago, my wife swears she heard someone call her name through the Hikvision. I reviewed the footage, but I couldn't make much of anything out.

Now, just a few minutes ago, she was in the little closet under our stairs where I keep all of our network equipment and the little Blue Iris server. From the cheap little speaker in HP server, she distinctly heard someone say "Hey hot momma!"

I've never really done anything to secure our cameras and it looks like that needs to change ASAP. I guess the first thing I need to do is go in and change the access passwords for them, but I know there is more that I need to do. I mean, I know nothing is unhackable, but I want to do my due diligence to say I've done everything that I can do. So, that's why I'm here. Where do I start? What all should I do/look into?

Thanks.
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,428
Reaction score
47,549
Location
USA
Since you are running Blue Iris, add a second Ethernet port to the computer and run the cameras into that. It is called a dual NIC system and is the cheapest way to get the cameras off the internet.

You need to get the cameras off the internet and off the router.
 

sebastiantombs

Known around here
Joined
Dec 28, 2019
Messages
11,511
Reaction score
27,690
Location
New Jersey
The internet is a veritable sewer of hackers. You need to stop any P2P and port forwarding at your router. If you want to view/access your system from outside of your local LAN use a VPN.

VPN Information Thread
 

bfollowell

Young grasshopper
Joined
Dec 11, 2015
Messages
77
Reaction score
22
Location
Evansville, IN
Thanks Rob! Excellent information on the dual-NIC. I'd never thought of that or even heard of it, but that looks like it would be very helpful, and a great way to help keep things segregated. I've been planning to pickup a POE switch soon, before I start picking up my outdoor cameras, so this gives me a lot to read up on and learn.
 

mat200

IPCT Contributor
Joined
Jan 17, 2017
Messages
13,649
Reaction score
22,741
Currently, our camera setup includes a Hikvision DS-2CD2442FWD-IW in our great room and a cheap Foscam R4S monitoring the inside of our garage. They're both connected via ethernet and recorded through Blue Iris. I plan to start adding outdoor cameras soon, but that's what we have now.

A week or two ago, my wife swears she heard someone call her name through the Hikvision. I reviewed the footage, but I couldn't make much of anything out.

Now, just a few minutes ago, she was in the little closet under our stairs where I keep all of our network equipment and the little Blue Iris server. From the cheap little speaker in HP server, she distinctly heard someone say "Hey hot momma!"

I've never really done anything to secure our cameras and it looks like that needs to change ASAP. I guess the first thing I need to do is go in and change the access passwords for them, but I know there is more that I need to do. I mean, I know nothing is unhackable, but I want to do my due diligence to say I've done everything that I can do. So, that's why I'm here. Where do I start? What all should I do/look into?

Thanks.
Hi @bfollowell

Time to review the security settings of your router ..

If you do not have a good router, time to upgrade ..
 

bfollowell

Young grasshopper
Joined
Dec 11, 2015
Messages
77
Reaction score
22
Location
Evansville, IN
Hi @bfollowell

Time to review the security settings of your router ..

If you do not have a good router, time to upgrade ..
I have a Linksys WRT3200ACM router and my wi-fi extender is a TP-Link AC1750 WiFi Extender. I think they're both very capable and relatively secure, assuming I have things setup well. I'm certain I'm past due to review the security settings of both, as well as making certain their firmware is up-do-date though. If there's any deficiencies, I'm fairly certain that they're me, and not the equipment.

Thanks for the advice.
 

Mike A.

Known around here
Joined
May 6, 2017
Messages
3,825
Reaction score
6,377
Something's not right if you have people accessing your cams. How do you view your cams remotely?

If you've not updated the firmware on the cams, then should do that too. There have be a few exploits of Hikvision and Foscam discovered since those cams came out. e.g.:


Another possibility is someone accessing your WiFi locally I suppose.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
You either port forwarded your cameras yourself or you have upnp enabled on your cams which is providing the entire internet with direct access to your cameras. Password is irrelevant as there are many hacks/backdoors particular on unpatched older cams. As others have said take them off the net. For now, simply disabling upnp on BOTH the camera and router and disabling any port forwarding for the cams should stop the creeps.
 

Rob2020

Getting comfortable
Joined
Oct 2, 2020
Messages
987
Reaction score
2,555
Location
OR USA
Thanks Rob! Excellent information on the dual-NIC. I'd never thought of that or even heard of it, but that looks like it would be very helpful, and a great way to help keep things segregated. I've been planning to pickup a POE switch soon, before I start picking up my outdoor cameras, so this gives me a lot to read up on and learn.
It is actually pretty easy.

In simplest form, buy a spare NIC card, drop it in your PC in a spare PCIe slot, configure properly using the guidance on this site.

There are some really good diagrams on this site which makes it even easier to get the correct hookup.
 

NightLife

Getting comfortable
Joined
Sep 10, 2021
Messages
490
Reaction score
1,096
Location
Canada
That is creepy as hell!


How large an attack surface does your network have? What else is vulnerable? What else has been potentially become an attack vector already?


You may have work to do, beyond just keeping cameras off the web.
 
Top