Looking for advice in locking down my system

B

bfollowell

Young grasshopper
Dec 11, 2015
83
24
Evansville, IN
Currently, our camera setup includes a Hikvision DS-2CD2442FWD-IW in our great room and a cheap Foscam R4S monitoring the inside of our garage. They're both connected via ethernet and recorded through Blue Iris. I plan to start adding outdoor cameras soon, but that's what we have now.

A week or two ago, my wife swears she heard someone call her name through the Hikvision. I reviewed the footage, but I couldn't make much of anything out.

Now, just a few minutes ago, she was in the little closet under our stairs where I keep all of our network equipment and the little Blue Iris server. From the cheap little speaker in HP server, she distinctly heard someone say "Hey hot momma!"

I've never really done anything to secure our cameras and it looks like that needs to change ASAP. I guess the first thing I need to do is go in and change the access passwords for them, but I know there is more that I need to do. I mean, I know nothing is unhackable, but I want to do my due diligence to say I've done everything that I can do. So, that's why I'm here. Where do I start? What all should I do/look into?

Thanks.
 
The internet is a veritable sewer of hackers. You need to stop any P2P and port forwarding at your router. If you want to view/access your system from outside of your local LAN use a VPN.

VPN Information Thread

VPN Primer for Noobs

The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...
ipcamtalk.com ipcamtalk.com
 
  • Like
Reactions: Jessie.slimer, mat200, SouthernYankee and 1 other person
Thanks Rob! Excellent information on the dual-NIC. I'd never thought of that or even heard of it, but that looks like it would be very helpful, and a great way to help keep things segregated. I've been planning to pickup a POE switch soon, before I start picking up my outdoor cameras, so this gives me a lot to read up on and learn.
 
bfollowell said:
Currently, our camera setup includes a Hikvision DS-2CD2442FWD-IW in our great room and a cheap Foscam R4S monitoring the inside of our garage. They're both connected via ethernet and recorded through Blue Iris. I plan to start adding outdoor cameras soon, but that's what we have now.

A week or two ago, my wife swears she heard someone call her name through the Hikvision. I reviewed the footage, but I couldn't make much of anything out.

Now, just a few minutes ago, she was in the little closet under our stairs where I keep all of our network equipment and the little Blue Iris server. From the cheap little speaker in HP server, she distinctly heard someone say "Hey hot momma!"

I've never really done anything to secure our cameras and it looks like that needs to change ASAP. I guess the first thing I need to do is go in and change the access passwords for them, but I know there is more that I need to do. I mean, I know nothing is unhackable, but I want to do my due diligence to say I've done everything that I can do. So, that's why I'm here. Where do I start? What all should I do/look into?

Thanks.
Click to expand...

Hi @bfollowell

Time to review the security settings of your router ..

If you do not have a good router, time to upgrade ..
 
mat200 said:
Hi @bfollowell

Time to review the security settings of your router ..

If you do not have a good router, time to upgrade ..
Click to expand...

I have a Linksys WRT3200ACM router and my wi-fi extender is a TP-Link AC1750 WiFi Extender. I think they're both very capable and relatively secure, assuming I have things setup well. I'm certain I'm past due to review the security settings of both, as well as making certain their firmware is up-do-date though. If there's any deficiencies, I'm fairly certain that they're me, and not the equipment.

Thanks for the advice.
 
  • Like
Reactions: mat200
Something's not right if you have people accessing your cams. How do you view your cams remotely?

If you've not updated the firmware on the cams, then should do that too. There have be a few exploits of Hikvision and Foscam discovered since those cams came out. e.g.:

www.csoonline.com

Critical Hikvision flaw could be remotely exploited to hijack cameras, DVRs and accounts

Hikvision patched a critical flaw that allowed attackers to access and manipulate cameras and DVRs as well as hijack accounts.
www.csoonline.com www.csoonline.com

Another possibility is someone accessing your WiFi locally I suppose.
 
  • Like
Reactions: mat200
You either port forwarded your cameras yourself or you have upnp enabled on your cams which is providing the entire internet with direct access to your cameras. Password is irrelevant as there are many hacks/backdoors particular on unpatched older cams. As others have said take them off the net. For now, simply disabling upnp on BOTH the camera and router and disabling any port forwarding for the cams should stop the creeps.
 
  • Like
Reactions: mikeynags, alastairstevenson and sebastiantombs
bfollowell said:
Thanks Rob! Excellent information on the dual-NIC. I'd never thought of that or even heard of it, but that looks like it would be very helpful, and a great way to help keep things segregated. I've been planning to pickup a POE switch soon, before I start picking up my outdoor cameras, so this gives me a lot to read up on and learn.
Click to expand...

It is actually pretty easy.

In simplest form, buy a spare NIC card, drop it in your PC in a spare PCIe slot, configure properly using the guidance on this site.

There are some really good diagrams on this site which makes it even easier to get the correct hookup.
 
  • Like
Reactions: sebastiantombs
That is creepy as hell!


How large an attack surface does your network have? What else is vulnerable? What else has been potentially become an attack vector already?


You may have work to do, beyond just keeping cameras off the web.
 
  • Like
Reactions: sebastiantombs
You must log in or register to reply here.
Top Bottom