P2P Safety & Secure?

[Nick70068]

Did your logs show access and an ip#? Did they use “admin”?

How are you accessing the NVR ? Port forwarding? Depending on the age of your machine and FW they don’t have to crack your password. Put a non updated 5+ year old windows PC exposed via port 80 forwarding on the internet and see how long it lasts.

Have you posted your QR code or serial number to the web?

Can’t be sure you were really hacked. Lots more to know

I always access the NVR either at the NVR or through web browser on my private network. I seldom use P2P, but that port was open. They were able to log into the admin account. QR code, serial number or password has never been put on the web or made public. I knew Dahua did have a backdoor password, but my MVR wasn't listed and when I tried the calculated password it wouldn't work.

Hacked? If they got into the system, I would say yes. According to the logs, they only looked at the different cameras. BTW, I am a retired IT Analyst from a large university in Louisiana.

 

[bigredfish]

Cool, I'm not but have been through more than a couple of these incidents thus my questions.

If they actually logged in, that fits my definition of hacked. did they do so with an external IP that should be shown in the logs? or somehow use a LAN IP? A decent fireall appliance like the $350 I use would easily show that, you probably have better stuff than me.

I've yet to see an actual case of hacked NVR via P2P without other security failures (ie using the P2P port and some type of program to break in and login using admin creds.).
Im quite sure its possible, anything and anyone including the biggest and best orgs and companies in the world are routinely hacked.

I think P2P for our NVR remote purposes is an adequate risk and a VPN is a step up.