You clearly have a lot of time on your hands lol… enjoy!
FYI - if you are currently port forwarding, do expect to eventually be cyber hijacked .
if you think they would be after you , your living in a dreamland.
Sounds similar to those who say:
"Why would cyber criminals call your grand mother.. she knows nothing about computers .. "
Clearly you've not been paying attention to the world of cyber attacks .. and thus I see you wish to denigrate those who know more than you on this topic.
Why does an attacker want to cyberhijack you?
1) because they can. ( cyber "joyrides" )
2) because your IP devices and internet connectivity is useful for them to attack bigger fish. ( stealing your car to commit crimes, or stealing your ID to commit crimes )
3) because even you, have something of value for them to steal.. ( your ID, your bank accounts, your email accounts, .. etc.. )
I’m not sure how you come up with the word “denigrate” , look it up. My point is people spend to much time on things like this whereas the risk IMO as this is forwarding a port to a nvr and not a computer. Even with a vpn there are still dangers. If you have a lot of time on your hands and feel that having your nvr compromised is something you cannot live with then everyone owning Q-See nvr should go with a vpn or replace there equipment now as this equipment is no longer being supported or updated.
Take note on the following statements.
Can you get hacked through port forwarding? Yes. If you take security precautions, is it likely? Not really.
Your initial statement was: if you think they would be after you , your living in a dreamland.
That is clearly not the case, as cyber attacks are reaching in the homes of of those connected to the internet.
Yes, port forwarding and exposed services to all are a significant IT security issue.
NVR = a computer .. just not getting updated as frequently as a proper PC that is within the OS support window.
I am an MCSE (Microsoft Certified Systems Engineer) and a CCNP (Cisco Certified Networking Professional).
Countless people come to this forum depending on kind and generous help from others more able than they are, hoping for help to overcome their technological knowledge gap. I say 'thank you' to patient contributors like @mat200
for enlightening many of us (including me).
As someone whose business includes securing networks and their child nodes and applications, it's frustrating to see people like @RBurn
, who know dangerously little and yet opine with authority in ways that can only serve to put others' security in deeply serious peril.
shows his ignorance in several places, but especially in the self-evident, singular statement in which he quotes an article referenced out of context: "Can you get hacked through port forwarding? Yes. If you take security precautions, is it likely? Not really."
Notice that he himself writes just two sentences earlier, "If you have a lot of time on your hands and feel that having your nvr compromised is something you cannot live with then everyone owning Q-See nvr should go with a vpn or replace there equipment now as this equipment is no longer being supported or updated."
Here's the proper context to the statement quoted from the article:
Step #1 in taking necessary security precautions is to maintain your systems properly updated and patched. This entire, lengthy thread is premised on a set of systems that not only haven't been supported since February 2021 - which necessarily means that the systems won't be maintained with necessary security patches and updates - but whose parent company is now defunct. By definition therefore, NO ONE
CAN TAKE PROPER PRECAUTIONARY STEPS TO SECURE ANY
Q-SEE SYSTEM ON THE OPEN INTERNET. The best one can do is to hide it behind a well-configured and updated router and firewall and as has been suggested ad nauseam in this thread by many: connect to it remotely through a well-configured VPN (Virtual Private Network).
Notice that even the article referenced by @RBurn
doesn't say that systems using port forwarding can't be hacked - just that it's not likely
. One reason is that viruses, malware, Trojans and the like are written by hackers first
. Only after
these coded predators are discovered (by having caused damage) is it that antidotes we call 'antivirus', 'security patches' and 'system updates' can be written. First
comes the creation of the damaging worm or predatory piece of code, then
comes the antidote. In the interim we usually see a whole lot of damage.
Many such predators are written specifically to do their damage months and even years after their infiltration into systems - specifically so they can propagate extensively to many thousands or even millions of machines and networks before
they're discovered and an antidote can be written. In other words, the newest virus may already be living dormant and undetectable inside your computer without you even knowing it... just waiting for the clock to strike the time prescribed as written in code for it to do its damage - well after enough time has passed for it to infect thousands or even millions of systems and networks.
is welcome to take his ignorant risk if he cares to. I strongly recommend to more sensible folks not to follow his ill-informed lead.
As an aside regarding network security: the hacker may not be interested in your cameras, but for sure
he's interested in getting into
your network. If you don't think that attempts are regularly being made to attack your networks, run Wireshark or some other network-sniffing, packet scanning tool and watch your jaw drop. There are easily hundreds and even thousands of such hacking attempts constantly attacking your network on any given day. I'm talking about your
network - not just the network of the guy sitting next to you. That's why you should always properly configure, update and patch your routers, firewalls and computing systems.
While the hacker may not be interested in your cameras, he is
interested in the weakest link inside your network. He can use that weakness to get inside your network and once inside, he can run for example, a Cisco 'cdp neighbors' command or similar to see other devices on the internal network segment. Once inside the network, from there - from within your router or computer or NVR for example - he can easily hop into whichever other device that's hosted on the network.
Let me scare all of you with real facts and especially you, @RBurn
, because you really need it:
Once inside a node within your networked computer, a hacker can for example, install a silent keystroke logging app. Such apps are often light-weight, hidden from Windows' list of processes and not listed in the Programs directory - essentially hidden from you even as it operates. Its function? To record your keystrokes and their associated web sites as you're entering data (like when logging onto your bank account) and then sending lower-level network Layer 3 packets containing the sensitive information to remote servers.
People like @RBurn
may be too stubborn to realize they were wrong all along. In this scenario I wouldn't be surprised to find such a person grilling his visiting niece or nephew, wondering which of them cleaned out his bank account after stealing his or her banking password. Hopefully the niece or nephew receives a just and profuse apology once the bank informs such stubborn folk that the crime originated from China, Russia, India, Nigeria or any number of other places where such hackers abound and which are too far removed from American authorities to be prosecuted and put where they belong: behind bars.