Q-See Closing Doors Jan 31st 2021 No More Remote Viewing, Options to fix
- Thread starter alexj
- Start date
mat200
IPCT Contributor
- Jan 17, 2017
- 15,048
- 25,380
mat200
IPCT Contributor
- Jan 17, 2017
- 15,048
- 25,380
FYI - example of the issues of threats due to exposure of IP cameras / Iot products on the internet, and this includes port forwarding
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
ipcamtalk.com
Thanks @watchful_ip excellent job.
Thanks @alastairstevenson @iTuneDVR @Securame @rawinek @cyrusbyte
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html RFC Response...
Thanks @watchful_ip excellent job.
Thanks @alastairstevenson @iTuneDVR @Securame @rawinek @cyrusbyte
Do you happen to know where I can get Q-See QTView software for Windows? I have it installed on my old PC, but I would like to install it on my new one. I don't want to run an Android version in a PC emulation mode.
-----
I say:
I am an MCSE (Microsoft Certified Systems Engineer) and a CCNP (Cisco Certified Networking Professional).
Countless people come to this forum depending on kind and generous help from others more able than they are, hoping for help to overcome their technological knowledge gap. I say 'thank you' to patient contributors like @mat200 for enlightening many of us (including me).
As someone whose business includes securing networks and their child nodes and applications, it's frustrating to see people like @RBurn, who know dangerously little and yet opine with authority in ways that can only serve to put others' security in deeply serious peril.
@RBurn shows his ignorance in several places, but especially in the self-evident, singular statement in which he quotes an article referenced out of context: "Can you get hacked through port forwarding? Yes. If you take security precautions, is it likely? Not really." Notice that he himself writes just two sentences earlier, "If you have a lot of time on your hands and feel that having your nvr compromised is something you cannot live with then everyone owning Q-See nvr should go with a vpn or replace there equipment now as this equipment is no longer being supported or updated."
Here's the proper context to the statement quoted from the article:
Step #1 in taking necessary security precautions is to maintain your systems properly updated and patched. This entire, lengthy thread is premised on a set of systems that not only haven't been supported since February 2021 - which necessarily means that the systems won't be maintained with necessary security patches and updates - but whose parent company is now defunct. By definition therefore, NO ONE CAN TAKE PROPER PRECAUTIONARY STEPS TO SECURE ANY Q-SEE SYSTEM ON THE OPEN INTERNET. The best one can do is to hide it behind a well-configured and updated router and firewall and as has been suggested ad nauseam in this thread by many: connect to it remotely through a well-configured VPN (Virtual Private Network).
Notice that even the article referenced by @RBurn doesn't say that systems using port forwarding can't be hacked - just that it's not likely. One reason is that viruses, malware, Trojans and the like are written by hackers first. Only after these coded predators are discovered (by having caused damage) is it that antidotes we call 'antivirus', 'security patches' and 'system updates' can be written. First comes the creation of the damaging worm or predatory piece of code, then comes the antidote. In the interim we usually see a whole lot of damage.
Many such predators are written specifically to do their damage months and even years after their infiltration into systems - specifically so they can propagate extensively to many thousands or even millions of machines and networks before they're discovered and an antidote can be written. In other words, the newest virus may already be living dormant and undetectable inside your computer without you even knowing it... just waiting for the clock to strike the time prescribed as written in code for it to do its damage - well after enough time has passed for it to infect thousands or even millions of systems and networks.
@RBurn is welcome to take his ignorant risk if he cares to. I strongly recommend to more sensible folks not to follow his ill-informed lead.
As an aside regarding network security: the hacker may not be interested in your cameras, but for sure he's interested in getting into your network. If you don't think that attempts are regularly being made to attack your networks, run Wireshark or some other network-sniffing, packet scanning tool and watch your jaw drop. There are easily hundreds and even thousands of such hacking attempts constantly attacking your network on any given day. I'm talking about your network - not just the network of the guy sitting next to you. That's why you should always properly configure, update and patch your routers, firewalls and computing systems.
While the hacker may not be interested in your cameras, he is interested in the weakest link inside your network. He can use that weakness to get inside your network and once inside, he can run for example, a Cisco 'cdp neighbors' command or similar to see other devices on the internal network segment. Once inside the network, from there - from within your router or computer or NVR for example - he can easily hop into whichever other device that's hosted on the network.
Let me scare all of you with real facts and especially you, @RBurn, because you really need it:
Once inside a node within your networked computer, a hacker can for example, install a silent keystroke logging app. Such apps are often light-weight, hidden from Windows' list of processes and not listed in the Programs directory - essentially hidden from you even as it operates. Its function? To record your keystrokes and their associated web sites as you're entering data (like when logging onto your bank account) and then sending lower-level network Layer 3 packets containing the sensitive information to remote servers.
People like @RBurn may be too stubborn to realize they were wrong all along. In this scenario I wouldn't be surprised to find such a person grilling his visiting niece or nephew, wondering which of them cleaned out his bank account after stealing his or her banking password. Hopefully the niece or nephew receives a just and profuse apology once the bank informs such stubborn folk that the crime originated from China, Russia, India, Nigeria or any number of other places where such hackers abound and which are too far removed from American authorities to be prosecuted and put where they belong: behind bars.
Hi all,
The original post was about Q-See going out of business and stopped remote view. Its been almost 10 months I been using remote view as per their latest guidance they launched in Jan 30, 2021. It was working fine. I was using DMSS app for Q-see camera as Q-see app stopped due to not doing latest update.
I have been using Ip/Domain, I used my router IP address, Port: 37777 and NVR username and Password.
I turned on DHCP in NVR too and DMZ in the router. But recently DMSS app says Login Timeout and I tried Q-see app, its say failed connection. I tried different port too. Also tried this guy but not working at all. Any help would appreciate it.
The original post was about Q-See going out of business and stopped remote view. Its been almost 10 months I been using remote view as per their latest guidance they launched in Jan 30, 2021. It was working fine. I was using DMSS app for Q-see camera as Q-see app stopped due to not doing latest update.
I have been using Ip/Domain, I used my router IP address, Port: 37777 and NVR username and Password.
I turned on DHCP in NVR too and DMZ in the router. But recently DMSS app says Login Timeout and I tried Q-see app, its say failed connection. I tried different port too. Also tried this guy but not working at all. Any help would appreciate it.
mat200
IPCT Contributor
- Jan 17, 2017
- 15,048
- 25,380
What he said,
I use QT view and openvpn for remote access and it works great.
No P2P no open ports no third party software and no hardware to change.
Didn't bother me a bit when they went belly up, I had no interruption of service. Heck I wouldn't have known they went out of business had I not read about it here!
The thing will eventually age out or die but no need to replace a Qsee DVR just because P2P no longer works, shouldn't be using it anyway.
Last edited:
I've been using this software for ages now but for some reason I unplugged the NVR and all the ethernet cables (was planning on swapping out the harddrive, but then didn't yet). Plugged everything back in exactly how it was and now I can still connect to the NVR but for some reason it's not recognizing the cameras. Any ideas? I've rebooted the router, the switch, the NVR, tried everything I know so far... still not recognizing the cameras even though they're plugged directly into the NVR.
Thanks - I just tried this though and the camera is "flicking" on the IR, so it's definitely getting power. When I go to open the cameras though it just says "Searching Video" and then eventually "search stream timeout". Really very strange. I'm about to order a new system because I can't be "down" for too long and I've checked all of the settings, I haven't changed anything. The only thing I can think of is if something got reset when it was without power for 5-10 minutes.
Did you do a proper shut down by turning off the NVR within the software not just unplugging? I had one fry from a power outage this way before adding a ups. Also, let the nvr power up for a few minutes before plugging cameras in, and then one at time waiting about 10 minutes in-between.
Last edited:
mat200
IPCT Contributor
- Jan 17, 2017
- 15,048
- 25,380
Hi @jl266
I am guessing there is either
1) an IP issue
2) user / password sync issue
3) port issue
If you have a poe switch, you can connect the camera to the switch and a laptop / pc and scan for IP number the camera is set to.
( look for threads on that topic .. remember you need some basic IP address / subnet knowledge here .. Dahua has a config tool to help also .. you can also download and use SmartPSS on a laptop - I am assuming that you have a Dahua OEM kit .. )
I’m a newbie to ALL of this so pardon my ignorance, I just inherited a home with an older Q see system which I believe has the DVR not the NVR. We are trying to figure out how to set up to remote view but I am lost with all the tech talk about VPN and port forwarding and all of that. I was thinking about a new router with VPN but not sure how to set that up on a mobile device to view from on the road (I’m an OTR trucker) to be able to keep an eye on my new home
Start here,
VPN Primer for Noobs
The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...
Then make a factory default on the nvr and then re-add those cams again.
Hey everyone,
SOOO... I found a cam in my garage which I bought a whilllle back. Its the Q-See cube came which advertises itself as a 4K.. Fine..
It looks like the hikvision cube cams which I have plenty of but those are 2MP and I bought this one back in the day to see if I can upgrade but never got around to opening the box.
I tried hooking it up, the Q-See app does not work as it displayed a Network Error which I see is common for all, so not surprised.
I continued to use the Dahua Config Tool and it pulled up the cam without issue and found the IP address that way (but I already had it from my Ubiquiti setup), but it was able to give me the port number as well.
Unfortunately, due to the lack of an online gui, it was hard to figure out how to do so until the Dahua Config Tool. With it, I was able to update the time, change the default password, and adjust the video specs, etc. so major plus for that program.
The dislikes of the Q-See 4k Cube came are:
If anyone has any ideas what model the Q-See 4k Cube is in Dahua models, that would be great.
SOOO... I found a cam in my garage which I bought a whilllle back. Its the Q-See cube came which advertises itself as a 4K.. Fine..
It looks like the hikvision cube cams which I have plenty of but those are 2MP and I bought this one back in the day to see if I can upgrade but never got around to opening the box.
I tried hooking it up, the Q-See app does not work as it displayed a Network Error which I see is common for all, so not surprised.
I continued to use the Dahua Config Tool and it pulled up the cam without issue and found the IP address that way (but I already had it from my Ubiquiti setup), but it was able to give me the port number as well.
Unfortunately, due to the lack of an online gui, it was hard to figure out how to do so until the Dahua Config Tool. With it, I was able to update the time, change the default password, and adjust the video specs, etc. so major plus for that program.
The dislikes of the Q-See 4k Cube came are:
- No POE - This is a MAJOR issue for me due to the cameras being mounted on the ceiling and I was hoping to replace the 2MP with the 4K one
- No mounting point on the back of the camera, only on the stand itself, which is not great for me.
- Though the camera is supposed to be 2-way talk, but I cannot figure out what Dahua model of the camera to use in order to get the MICROPHONE to work on my phone to communicate back to the camera.
If anyone has any ideas what model the Q-See 4k Cube is in Dahua models, that would be great.
My Q-see phone app and outside access still works after setting up a NoIP.com DDNS account...... it stopped connecting when the q-see DDNS server shut down.