Network security questions

J

JPmedia

Getting comfortable
Sep 11, 2024
837
704
Southeast
I changed my LAN IP address range a few days ago from 192.169.X.XXX to 192.168.X.XXX on advice from more experienced users on the board due to odd issues with my security cams.

Yesterday I noticed changes to the settings of one of my LPR cams and this morning, I woke up to one of my backyard cams being offline with "Invalid username or password" displayed on that channel. A check of the recording timeline shows it went offline at 4:33 AM. I reconnected it at 5:42am and it was back to normal.

I've been checking firewall settings, EST security settings and did a scan of IP addresses from the Advanced IP scanner

The scanner turned up 7 active IP addresses from the previous IP range 192.169.X.XXX that have no mac addresses. I can ping them and get a response, but the connection times out if I enter the IP address in a browser. These IP addresses NEVER showed up in the past with scan, so it makes me wonder what changed.

I have attached screenshots of the scan results and a trace of one of the addresses. A trace on any of those 192.169.X.XXX addresses reveals the same results
 

Attachments

  • IPscan2.jpg
    IPscan2.jpg
    116.3 KB · Views: 0
  • Tracert1.jpg
    Tracert1.jpg
    100.1 KB · Views: 0
A little whatis/whois search shows that all of the domains in the trace are parts of AT&T which is our internet provider. I just wonder why they show up now and not in previous searches?
 
#1 you need to check your router, and maybe have someone with networking experience look at it.

Make 100% sure you are not port forwarding and do not have UpNp enabled.

Your NVR is a PoE model?, if so are ALL cameras plugged into this and have 10.1.1.X addresses?

Any stray wifi or other cams or devices on the old 192.169 range?

Your router should be allocating one DHCP pool in the 192.168.1.X range for your LAN devices
Is the ATT Arris provided by your internet provider your sole and only modem/router combo?

* Note I hate combo Modem/routers. I demand my provider give me a modem I can set in pass through mode, with admin rights, and buy my own router to manage my network.
 
+1 above.

ISP supplied combo modem/routers are evil.

The benefit to having your own router is control of your bandwidth. Some ISPs tout their far reaching wifi hotspots as a selling point to use their mobile service.

When using an ISP issued router, they can use it as a hotspot for their other customers without your approval or knowledge, which depending on that persons use, could slow down your internet speeds.

Maybe those unknown IPs are their customers connecting to your system.

Don't believe me, turn on to allow you to connect to an ISP hotspot and walk around your neighborhood and see if you find which neighbors are providing that without them knowing it LOL.

Or go to your ISP and see if they have a map showing the wifi hotspots that are clearly at a residential house:

1750981252273.png
 
  • Like
Reactions: bigredfish
You must log in or register to reply here.
Top Bottom