I believe the cameras are set up to use google for dns by default, change it to the IP of your router, or change it to nothing and just hit the cams by IP only. the automatic private IP is generated by devices that can't contact a dhcp server so dunno why you are seeing that. the last one is the one you want to worry about, though it could be a harmless connection back to dahua, who knows.Guess I better start getting proficient with adding firewall rules on my router to stop these outbound connections.
I believe the cameras are set up to use google for dns by default, change it to the IP of your router, or change it to nothing and just hit the cams by IP only. the automatic private IP is generated by devices that can't contact a dhcp server so dunno why you are seeing that. the last one is the one you want to worry about, though it could be a harmless connection back to dahua, who knows.
Yeah the one camera that I posted that was reaching out to google dns I logged into last night and removed the all dns settings...even though the settings were not set to google dns...go figure (they were set to my local ISP's dns Comcast). Anyway, I removed the settings so now hopefully that will take care of that particular camera.I believe the cameras are set up to use google for dns by default, change it to the IP of your router, or change it to nothing and just hit the cams by IP only. the automatic private IP is generated by devices that can't contact a dhcp server so dunno why you are seeing that. the last one is the one you want to worry about, though it could be a harmless connection back to dahua, who knows.
Just because you can't reach your cams from out to in doesn't mean the cams can't contact Vietnam and different places from in to out if you know what I mean. In my case I had a cam that seemed to making an outbound connection to a Chinese IP as you can see from an earlier post. Best course of action in my mind is seeing if you can remove everything from the internal camera settings but the IP itself (like DNS, and Default gateway) that way it doesn't have a "path" to get outbound. But a lot of cams will not let you remove the default gateway....been there tried that. So you may have to go into router and see if there is someway you can block "outbound" connections. All this is just IMHO...YMMVI got into my router log this morning and I had a bunch of hits in the log from Vietnam and different places. I shut down a few settings and now can't access the cameras from the bi app unless I'm on the network. Should that be secure enough until I setup more secure means? I did turn on VPN.
Probably good practice to change all passwords every so often anyway. Whether or not people actually do that is another subject...hell you have people that don't even change default passwords on wireless routers when they first install them.Also, should I change all of my important passwords? I already changed my banking.
I still would go down the line starting with my router and turn off UPnP, port forwards, etc. Then go to each camera and turn off all that stuff individually to (including any cloud service stuff P2P, etc). That way you use a VPN whenever you want to connect to your cams or BI. Most modern routers the OpenVPN server is pretty straight forward to set up.It's listed as Lan access from remote. 100's of them.
I know very little about networking but using @nayr VPN for Noob post as well as the Easy WIndows Guide for OpenVP I was able to get it set up. Easy_Windows_Guide – OpenVPN CommunityWish I knew how to hack so I could test my own cameras before Dahua and other mfgs finally figure out and then get around to telling us which ones are affected before they get hacked and used for a DOS or something.
...Or I could get around to learning how to do the VPN thing I guess....but having (white hat) hacking skills would be cool.
And I think you are "underestimating" this too much! I do not want my IP cams to be network devices across the net to distribute malware to me or anyone else or to have some peeping in on my cams!You guys are sweating this too much all you need to do is make sure services like upnp are turned off.. don't port forward any ports and when your connecting to the cameras remote make sure you use a vpn.