November 21, 2016
Hi Everyone
IVe been having problems with my analogue box for a few months now - interfering with my Internet and also Live View on web interface not behaving. Well, I got a new system and while I was dismantling the old one and checking settings for transfer across etc, I noticed it had been hacked. Please see this link https://www.securitycameraking.com/secur ... revent-it/
and http://www.pcworld.com/article/3089346/ ... tacks.html. This led me to believe I have been hacked. HAve I?
In the first link, that's exactly what I found on my box - an additional user called "system" which said your box has been hacked please secure. I also had the same web interface issues with Live Preview.
My installer put this in nearly 3 years ago and at the time he only told me to change my admin password which I did. I left the factory password alone as that's what I was advised to do. It was the usual Dahua 888888. So I think that's where and why it was hacked so easily. For what nefarious means I don't know. I haven't been burgled while this was going on, so it's not for that purpose. I did have all the internet issues whereby intermittently since the web interface issues (which is since it was hacked), and my internet would slow down so it was unusable even with an ethernet cable straight into the router. Then it would free up again for a while before it happened again. I don't know if that was hackers using my CCTV box as a route for DDos attacks (not that I now what they are, just that they use up all your bandwidth - can someone explain please?) or maybe it was the firewall kicking in on the router/home hub and stopping our access so we couldn't be hacked - is this possible in theory?
My BIG question is though, with all this in mind, does anyone know if, once the CCTV box has been breached, home data on laptops, Macs, iPhones etc is compromised or could my theory about the firewall be correct? I had DMZ ticked on my router for at least the past 6 months, but not prior. What does this do? I was just told to do that. The router was set up as a DNS with port forwarding.
And another question....are the new P2 P boxes secure or not?
If you see a user "system - you have been hacked please secure your system" or something of that nature, then yes you were hacked.
Most likely the attacker used the recorder as a bridge to your network. You need to remove that username completely, and make sure to make some password adjustments.
The most important thing for you to do here is make sure "DMZ" is not enabled in your router/modem/firewall. This is how they are gaining access through the telnet port of 23.
DMZ stands for demilitarized zone, it opens up every port available to one device on your network leaving your device vulnerable on the internet. To gain access to your machine remotely you need to have port forwarding done, and remove the DMZ.
November 21, 2016
Heath Phillips said
If you see a user "system - you have been hacked please secure your system" or something of that nature, then yes you were hacked.Most likely the attacker used the recorder as a bridge to your network. You need to remove that username completely, and make sure to make some password adjustments.
The most important thing for you to do here is make sure "DMZ" is not enabled in your router/modem/firewall. This is how they are gaining access through the telnet port of 23.
DMZ stands for demilitarized zone, it opens up every port available to one device on your network leaving your device vulnerable on the internet. To gain access to your machine remotely you need to have port forwarding done, and remove the DMZ.
I have a new box now. It's P2 P and that's how I have it set up at present. Is that ok? That doesn't involve the DMZ and I've also changed the passwords . Old box has been reset to factory defaults and I'm not using it now.
1 Guest(s)