Dahua Starlight IPC-HDW5231RN-Z not working :(

Reading through this thread was amusing.

Can see a few issues here.
1, your cameras are talking to the Internet, either via DMZ/UPNP/Forwarded in the router.
This will cause them to spaz out with many connection attempts especially if they have been breeched.

Solution? Block them from talking to the Internet full stop.
Mine can only talk to my local lan and vpn lan, otherwise they can't get out.

Screen Shot 2017-06-06 at 11.35.33 am.png


2, you have left the default username/password, thus something in the network is hammering them, maybe some malware living in what ever devices you have in your network that haven't been updated.

Solution? Change the default admin/admin on everything you own.

3, you are running old firmware, yes the older firmware has more holes then Swiss Cheese...

Solution? Upgrade to the latest firmware.

4, Issues accessing the cameras after firmware upgrades but responds to pings.

Solution? Camera is getting hammered again but it now blocking some attempts, connect directly to your PC instead of a switch, change it's IP and password, then block it at the router, I suggest turning off UPNP.

Also block easy4ip, it's a sneaky little beast.

Screen Shot 2017-06-05 at 1.33.09 pm.png

If you follow these simple steps, it should resolve 99% of your issues.

Re bricked cameras, this would have happened because you attempted to firmware upgrade with the camera still getting hammered.
Solution? Don't do firmware upgrades unless you are directly connected to the camera.

I haven't had any issues with my cameras but that's because I follow best practice, something many of you really need to start doing.

Once who have? High 5, you are awesome! :)
 

Attachments

  • Screen Shot 2017-06-05 at 1.25.06 pm.png
    Screen Shot 2017-06-05 at 1.25.06 pm.png
    28 KB · Views: 91
Last edited:
  • Like
Reactions: beingaware
[QUOTE="EMPIRETECANDY, post: 192285, member: 26381"]Product_Firmware(DH&General)/05SD/Main_Firmware/SD-Mao-Rhea/DH/1611
This is the new one we have, so i need some guy help me to upload to a dropbox and make the updating. So Please follow @beingaware instructions. And change the password asap. and never use admin again.[/QUOTE]

Could you post the firmware version numbers for this so that we know what's inside before downloading?

Incredibly fast turnaround on mine btw. Ordered Thursday. Delivered this morning! Thanks!
 
Reading through this thread was amusing. Block them from talking.

I haven't had any issues with my cameras but that's because I follow best practice, something many of you really need to start doing.

Once who have? High 5, you are awesome! :)

Great informative post. 80% of the readers would have to be walked through this, 50% after upgrading their hardware.

I, and many others can tell you know your shit. Thanks for taking the time to help out the masses. It's appreciated, although most of the user base will have zero idea of what you typed, but we are here to help.

Kudos @beingaware

SD
 
Product_Firmware(DH&General)/05SD/Main_Firmware/SD-Mao-Rhea/DH/1611
This is the new one we have, so i need some guy help me to upload to a dropbox and make the updating. So Please follow @beingaware instructions. And change the password asap. and never use admin again.


I don't mind uploading the latest firmware to my Dropbox to share out.

Will chat to you directly about this.
 
  • Like
Reactions: Doolally
Reading through this thread was amusing.

Can see a few issues here.
1, your cameras are talking to the Internet, either via DMZ/UPNP/Forwarded in the router.
This will cause them to spaz out with many connection attempts especially if they have been breeched.

Solution? Block them from talking to the Internet full stop.
Mine can only talk to my local lan and vpn lan, otherwise they can't get out.

View attachment 18951


2, you have left the default username/password, thus something in the network is hammering them, maybe some malware living in what ever devices you have in your network that haven't been updated.

Solution? Change the default admin/admin on everything you own.

3, you are running old firmware, yes the older firmware has more holes then Swiss Cheese...

Solution? Upgrade to the latest firmware.

4, Issues accessing the cameras after firmware upgrades but responds to pings.

Solution? Camera is getting hammered again but it now blocking some attempts, connect directly to your PC instead of a switch, change it's IP and password, then block it at the router, I suggest turning off UPNP.

Also block easy4ip, it's a sneaky little beast.

View attachment 18953

If you follow these simple steps, it should resolve 99% of your issues.

Re bricked cameras, this would have happened because you attempted to firmware upgrade with the camera still getting hammered.
Solution? Don't do firmware upgrades unless you are directly connected to the camera.

I haven't had any issues with my cameras but that's because I follow best practice, something many of you really need to start doing.

Once who have? High 5, you are awesome! :)
This brilliant I only have my new install on network right now and freaked out after hearing how much they actually talk to the outside world thank you very much this should be stickied
 
  • Like
Reactions: EMPIRETECANDY
I will share the ftp link to @beingware for all dahua firmware. Because can't show here so will send him for downloading some important new firmware. Right now dahua website also have the firmware , you can search the model there and find the firmware at download. Most firmware there is the latest but some not.
 
This brilliant I only have my new install on network right now and freaked out after hearing how much they actually talk to the outside world thank you very much this should be stickied

I just moved one of my starlights (older firmware) onto my unrestricted network and even with the hostname for smart4ip blocked, UPNP etc turned off, the little bugger was connecting to hard coded IPs, uploading it's serial, username and random password token while attempting to leave a constant on connection.

So they do certainly call home, I really do encourage people to block cameras, nas, dvrs, bluray players, etc from talking to the Internet, no matter the brand.

I've seen almost identical behaviour from Dlink, Netgear, Samsung, Hikv, AXIS, Dell, Swann etc, so it's not unique to Dahua, but certainly isn't nice.



Screen Shot 2017-06-06 at 11.44.04 am.png
 
Last edited:
I just moved one of my starlights onto my unrestricted network and even with the hostname for smart4ip blocked, UPNP etc turned off, the little bugger was connecting to hard coded IPs, uploading it's serial, username and random password token while attempting to leave a constant on connection.

So they do certainly call home, I really do encourage people to block cameras, nas, dvrs, bluray players, etc from talking to the Internet, no matter the brand.

I've seen almost identical behaviour from Dlink, Netgear, Samsung, Hikv, AXIS, Dell, Swann etc, so it's not unique to Dahua, but certainly isn't nice.



View attachment 18995

I only have them on a local right now with no internet access man I gotta turn on black lists and everything now you got me making a tinfoil hat @beingaware :)
 

Attachments

I just moved one of my starlights (older firmware) onto my unrestricted network and even with the hostname for smart4ip blocked, UPNP etc turned off, the little bugger was connecting to hard coded IPs, uploading it's serial, username and random password token while attempting to leave a constant on connection.

So they do certainly call home, I really do encourage people to block cameras, nas, dvrs, bluray players, etc from talking to the Internet, no matter the brand.

I've seen almost identical behaviour from Dlink, Netgear, Samsung, Hikv, AXIS, Dell, Swann etc, so it's not unique to Dahua, but certainly isn't nice.



View attachment 18995


I really don't think it something to be concerned about because it probably calling home to update it's server with the camera's serial number and the current public ip addressing so customer who purchase the cameras can use the QR Barcode scanner on the iDMSS or gDMSS to link all their camera or NVR to the apps without having to know the serial number or ip addressing etc.

Dauha server will have those information and do all the dirty job for you. It will call home every so often to make sure your public ip address is current since home owner sometime have dynamic ip address that changes every so often and also another thing that would call home is the DDNS in the NVR or camera to update the ip address and link it to your own personal custom domain name to make it easier for you to link your security network remotely just by entering a domain name that you setup with.

QR barcode scanner is gaining popularly and it found on every electronic products to assist the customer to set up or troubleshoot their devices like TV. Routers, even computers now days using the company app on their smartphone.

i don't there is any bad intent for companies to have their devices call home other than to provide their customer an easier accessibility to keep them for lifelong support so customer will keep buying their product for years to come. If company was to use it for malicious reason, it won't be long before they will be caught and their brand name will be forever ruined. I don't think a big name company like Dahua or Dlink would want to risk something like this.
 
  • Like
Reactions: Doolally
I really don't think it something to be concerned about because it probably calling home to update it's server with the camera's serial number and the current public ip addressing so customer who purchase the cameras can use the QR Barcode scanner on the iDMSS or gDMSS to link all their camera or NVR to the apps without having to know the serial number or ip addressing etc.

Dauha server will have those information and do all the dirty job for you. It will call home every so often to make sure your public ip address is current since home owner sometime have dynamic ip address that changes every so often and also another thing that would call home is the DDNS in the NVR or camera to update the ip address and link it to your own personal custom domain name to make it easier for you to link your security network remotely just by entering a domain name that you setup with.

QR barcode scanner is gaining popularly and it found on every electronic products to assist the customer to set up or troubleshoot their devices like TV. Routers, even computers now days using the company app on their smartphone.

i don't there is any bad intent for companies to have their devices call home other than to provide their customer an easier accessibility to keep them for lifelong support so customer will keep buying their product for years to come. If company was to use it for malicious reason, it won't be long before they will be caught and their brand name will be forever ruined. I don't think a big name company like Dahua or Dlink would want to risk something like this.


Problem is, the option has been turned off in the menu, so it should not be calling home at all.

This is where the concern is.
 
6 Cams all updated with latest FW only on local not talking to outside world yet no issues 25mins total
 
6 Cams all updated with latest FW only on local not talking to outside world yet no issues 25mins total

Under connections, either P2P or sub menu in IP depending on the model.
It's called Easy4IP with the Q-Code picture.

I believe it's disabled by default on the newest firmware while the older firmware had it enabled by default.
 
Under connections, either P2P or sub menu in IP depending on the model.
It's called Easy4IP with the Q-Code picture.

I believe it's disabled by default on the newest firmware while the older firmware had it enabled by default.
Cheers bud
 
Cheers bud

Should be under Network > TCP/IP. There's a tab at the top for Easy4IP.

Also kill "Enable ARP/Ping to set IP address service" on the TCP/IP tab and all of the other usual suspects, UPnP, etc. under the network tab.

Hopefully the new firmware stops it.