Dahua NVR/ gDMSS getting to cameras from internet

a500drvr

Oct 3, 2016
Looking for ideas. Been stalking the forum for a while, finally purchased and installed my system. CAT6 cables throughout... Home setup was good, camera setup went smoothly... all working and good.

Have gDMSS installed on my phone and it connects to my system!!!! Now this is the bad part. I did not do any port forwarding. I was setting up VPN and then going to use the application to view my cameras... VPN has not been enabled..

If I scan my firewall I show no ports open.

Android is using 4G not wi-fi....

I have looked through all the NVR settings and can't find anything either.

I am perplexed... I am a network and security engineer... I should know this.

I need you Dahua experts to help me understand this... Nayr? Fenderman?
 
Universal Plug and Play (Wikipedia) forwards ports all by itself without your setup; it's horribly insecure and you should disable it on your router. There's also the P2P feature that will reverse tunnel out even if UPnP is disabled.
 
Meraki MX device. Does not forward Universal P&P. Looking through all the settings and their documentation... I'm perplexed.. maybe need to get to the CLI and look at the logs, GUI logs don't show anything
 
Update for all... fixed..

tcpdump on traffic... Dahua NVR sends UDP port 17 traffic to AWS... 54.183.155.14.. same system sends UDP back... keeps session and flows open.. (found no documentation of this, as NVR has nothing configured)

When you use the mobile app, Mothership just connects to the open session.. YOUR NVR....

So probably not too bad, wanted to set up VPN... But unless NVR first established connection, port is not open to the outside..

Nayr thoughts?
 
That's the P2P functionality, you can disable it.
 
I just blocked it in my firewall. I didn't see it enabled in the software. I'll look through the manual again.
 
Update...

UPnP (Universal Plug and Play) was disabled in the NVR. However, the NVR was still communicating with the Internet.

Upon further investigation, Dahua has EASY4IP enabled... Not a good configuration to have open.

Thanks Nayr and others for the input
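
Added example (not part of the original thread): a way to spot the behaviour found above with tcpdump, where a LAN device starts a UDP flow to an outside host and keeps it alive with replies coming back. It assumes text output from `tcpdump -n -tt udp`; the function name, addresses, ports and the 60-second threshold are constructed for illustration.

```python
import ipaddress
import re

# "<epoch> IP <src>.<sport> > <dst>.<dport>: ..." as printed by tcpdump -n -tt
LINE = re.compile(r"^(\d+\.\d+) IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > "
                  r"(\d+\.\d+\.\d+\.\d+)\.(\d+):")

# Constructed capture: 192.168.1.108 stands in for the NVR, the other
# addresses are documentation-range placeholders, ports are arbitrary.
SAMPLE = """\
1475500000.000000 IP 192.168.1.108.40001 > 203.0.113.10.8800: UDP, length 48
1475500000.080000 IP 203.0.113.10.8800 > 192.168.1.108.40001: UDP, length 32
1475500010.000000 IP 192.168.1.50.53124 > 198.51.100.7.4000: UDP, length 40
1475500010.020000 IP 198.51.100.7.4000 > 192.168.1.50.53124: UDP, length 56
1475500030.000000 IP 192.168.1.108.40001 > 203.0.113.10.8800: UDP, length 48
1475500030.080000 IP 203.0.113.10.8800 > 192.168.1.108.40001: UDP, length 32
1475500045.000000 IP 203.0.113.99.5000 > 192.168.1.108.9999: UDP, length 20
1475500090.000000 IP 192.168.1.108.40001 > 203.0.113.10.8800: UDP, length 48
1475500090.080000 IP 203.0.113.10.8800 > 192.168.1.108.40001: UDP, length 32
"""

def held_open_udp_flows(capture, lan_cidr, min_seconds=60):
    """Return (lan_ip, lan_port, remote_ip, remote_port) for UDP flows that a
    LAN host initiated, that got replies, and that lasted >= min_seconds."""
    lan = ipaddress.ip_network(lan_cidr)
    flows = {}
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, src, sport, dst, dport = float(m[1]), m[2], int(m[3]), m[4], int(m[5])
        src_in = ipaddress.ip_address(src) in lan
        if src_in == (ipaddress.ip_address(dst) in lan):
            continue  # LAN-to-LAN or transit traffic, not a NAT crossing
        key = (src, sport, dst, dport) if src_in else (dst, dport, src, sport)
        # The first packet seen for a flow records which side opened it.
        f = flows.setdefault(key, {"first": ts, "lan_first": src_in, "replies": 0})
        f["last"] = ts
        if not src_in:
            f["replies"] += 1
    return sorted(k for k, f in flows.items()
                  if f["lan_first"] and f["replies"]
                  and f["last"] - f["first"] >= min_seconds)

if __name__ == "__main__":
    for flow in held_open_udp_flows(SAMPLE, "192.168.1.0/24"):
        print("LAN-initiated UDP session held open:", flow)
```

Only the keepalive flow from the placeholder NVR address is reported; the short one-off exchange and the unsolicited inbound packet are not.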