Is dvrdydns.com DDNS provider legit? safe ? Free?
- Thread starter Stewart2
- Start date
fenderman
Staff member
- Mar 9, 2014
- 36,891
- 21,407
No it is not safe. Here is why. If you are using a ddns provider that is included with your NVR, you are port forwarding which is simply not secure. You will be hacked.
Question for you....
I have been reading a bunch here, and I understand the security push for VPN and seperate VLANs behind your router. I agree that forwarding port 80 is Really not a good idea. What about port redirection?
Example-- Opening a random port that is not commonly used by an app or protocol, and having that random port redirected by your router to port 80 (or whatever) of a specific IP within your network. While not as secure or ideal-- isn't opening a random port and letting the router redirect it a lot better than port 80 open to the world? Wouldn't hackers just move on to the easy targets of unsecured port 80 connections (or other common ports) out on the internet from every new parent that bought a baby cam?? Wouldn't port redirection significantly reduce the risk since they would have to run a scan to discover the open port, and then figure out what it redirects to?
fenderman
Staff member
- Mar 9, 2014
- 36,891
- 21,407
It wont help. They scan many ports. It will just delay the inevitable. They dont have to figure out where its redirected, your router is doing that automatically for them. These hackers have automated scripts, it costs them nothing but time. See this great example by @alastairstevenson. He writes in part,
"At 30 packets per minute unsolicited, it really underlines the risks of using port forwarding to remotely access your cameras.
And the predominance of the high ports in use also underlines that using high ports doesn't really provide much protection. "
Hikvision Honeypot Hackathon
We get quite a lot of posts about port forwarding - and quite a lot of good advice in response about the risks, and pointers to more secure remote access methods. And we still get posts related to the Hikvision backdoor vulnerability, where camera passwords are mysteriously lost, or cameras...
HOLY CRAP!!!!!It wont help. They scan many ports. It will just delay the inevitable. They dont have to figure out where its redirected, your router is doing that automatically for them. These hackers have automated scripts, it costs them nothing but time. See this great example by @alastairstevenson. He writes in part,
"At 30 packets per minute unsolicited, it really underlines the risks of using port forwarding to remotely access your cameras.
And the predominance of the high ports in use also underlines that using high ports doesn't really provide much protection. "
Hikvision Honeypot Hackathon
We get quite a lot of posts about port forwarding - and quite a lot of good advice in response about the risks, and pointers to more secure remote access methods. And we still get posts related to the Hikvision backdoor vulnerability, where camera passwords are mysteriously lost, or cameras...ipcamtalk.com
That Hikvision hack experiment is Scary as hell.... THANK YOU for alerting me to that!!
Now I am more excited to get that Procurve switch this week and start setting up my Camera VLAN...