Stop Hacking Attempts

Eagleye · Sep 15, 2018

Hey Guys,

We have had two different systems (HIK and OEM) on two different ISP all get set back to default... even the port numbers.

What’s a good way to really try to make these systems secure.

Usually I port in range of 4050-4053
username admin
Password Esec#12345

Don’t worry that’s all changed now.

But what can we do? Any information will be greatly received

alastairstevenson · Sep 15, 2018

Eagleye said:
But what can we do?

Assuming they are cameras - update the firmware to a version that does not have the backdoor vulnerability - ie 5.4.41 or higher.
And stop exposing them to the entire internet world.

SouthernYankee · Sep 15, 2018

1. Remove them from the Internet if at all possible.
2. Make sure plug and play is disabled.
3. Set up a VPN if you need internet access.
4. Passwords really provide very little security. There are back doors.

Read the cliff notes in the wlfi, and other articles in the wiki. The wiki is in the blue bar at the top of the page.

looney2ns · Sep 15, 2018

Never forward ports.
VPN Primer for Noobs

Eagleye · Sep 15, 2018

Hey guys thinks for the info.
This needs to stay on the internet, reasons are because multiple drivers need to log in quickly from the add and see where they are going to go.

Mr_D · Sep 15, 2018

Eagleye said:
Hey guys thinks for the info.
This needs to stay on the internet, reasons are because multiple drivers need to log in quickly from the add and see where they are going to go.

None of theses systems are capable of being exposed to the Internet safely. Its like you're asking how you can shoot yourself in the face without getting hurt. You can't. A VPN is safest and works with any brand NVR/camera. I use Blue Iris with ngrok.com's proxy service to access my system remotely. You'd have to pay for multiple users and you'd have to use Blue Iris, but it would be easy for the drivers to use. Or you can just keep getting hacked.

gpower07 · Sep 15, 2018

Eagleye said:
Hey Guys,

We have had two different systems (HIK and OEM) on two different ISP all get set back to default... even the port numbers.

What’s a good way to really try to make these systems secure.

Usually I port in range of 4050-4053
username admin
Password Esec#12345

Don’t worry that’s all changed now.

But what can we do? Any information will be greatly received

I have the same problem....end up change the NVR. 2 years old. now everything work great.

Raymond G · Sep 25, 2018

Eagleye said:
Hey Guys,

We have had two different systems (HIK and OEM) on two different ISP all get set back to default... even the port numbers.

What’s a good way to really try to make these systems secure.

Usually I port in range of 4050-4053
username admin
Password Esec#12345

Don’t worry that’s all changed now.

But what can we do? Any information will be greatly received

I know this is an old topic and this may not work in your scenario. What if instead of a live stream you configured the NVR or cameras to upload JPGs a website. You could configure a script to show the most current JPG and thereby not have to have the NVR on the internet. The NVR could sit on the private network and only the webserver and JPGs would be public.

This may not be workable in your area but I've considered, but not implemented, a similar solution to a problem that I have.

HTH...

flynreelow · Sep 27, 2018

VPN .. dont port fwd

Search

Stop Hacking Attempts

Eagleye

n3wb

alastairstevenson

SouthernYankee

looney2ns

Eagleye

n3wb

Mr_D

Getting comfortable

gpower07

Getting comfortable

Raymond G

Getting comfortable

flynreelow

Known around here