Upgrade gray market camera

[Stev Wolf]

I did not know at the time when I bought the camera from amazon that my camera was going to be such a pain.
I even called Hikvision and they told me my camera was gray market. A term I knew nothing about. Anyway I do now.
I have the problem where my camera keeps loosing its settings and passwords, basically going back to default.

I have disabled all upnp options on camera and on router, but it sill keeps resetting. I thought that this was the answer, but it doesnt seem to be?

So Im now aproaching the upgrade of the firmware as a possible fix, (unless others have better answers).

My camera is DS 2CD3145F -IS. I have searched for this but cant find any info on the ipcamtalk site.
Is this camera upgradable using Brick fix v2 method .

It all looks a bit scary but, the camera which works fine is useless as it keeps loosing its setting anywhere from 5 minutes to 12 hours.

Thank you for your advice.

 

[looney2ns]

Return it, get your money back.

 

[jmhmcse]

is this a recent or past purchase?
has it always been resetting or is this something new?
is the camera shared or visible to the WWW?
---
not recommended to upgrade the firmware of a 'grey' market camera. the grey-camera is manufactured as a non-english variant then hacked into english. if you happen to find an upgrade for this camera it's not going to be in english afterwards.

 

[Stev Wolf]

is this a recent or past purchase?
has it always been resetting or is this something new?
is the camera shared or visible to the WWW?
---
not recommended to upgrade the firmware of a 'grey' market camera. the grey-camera is manufactured as a non-english variant then hacked into english. if you happen to find an upgrade for this camera it's not going to be in english afterwards.

The camera is several years old and has worked well. It has started resetting over the last month or so. The camera is not visible to the WWW. The 8000 port is forwarded but I went into he web interface of the camera and changed it to a different port.

I have subsequently bought Hikvision cameras from local reseller with no problems. its sad that amazon allows this product.

Either way as I pointed out there appear to be very knowledgeable people who have resolved this problem. I was hoping someone would be able to give me the and update to this process as to whether it is still working for my model of camera.

 

[jmhmcse]

if it's been working well for several years i doubt a newer version of firmware would do any good

if the camera is getting up in age, then perhaps it's simply failing or perhaps the cable connection is deteriorating... temporarily move the camera closer to your switch and use a new cable?

on the off chance of the camera getting out or in, i block the camera's ip address in the router's firewall; then set the NTP for a local system on the lan.

 

[Stev Wolf]

if it's been working well for several years i doubt a newer version of firmware would do any good

if the camera is getting up in age, then perhaps it's simply failing or perhaps the cable connection is deteriorating... temporarily move the camera closer to your switch and use a new cable?

on the off chance of the camera getting out or in, i block the camera's ip address in the router's firewall; then set the NTP for a local system on the lan.

Thank you for your comments.
I have at the moment installed a new camera in the same location and brought the failing camera in and plugged it in. It will be interesting to see if it looses its settings now after i have set it up again.

While your points are well taken, however a couple of things. Firstly, why would a failing network cable reset the camera. Normally you would just loose the connection and the camera would be inaccessible. In my case its always accessible. It just goes back to default. Again you may be right that upgrading the firmware will do nothing. But it seems the problem Im having are the exact symptoms of the upnp flaw???

 

[mat200]

The camera is several years old and has worked well. It has started resetting over the last month or so. The camera is not visible to the WWW. The 8000 port is forwarded but I went into he web interface of the camera and changed it to a different port.

I have subsequently bought Hikvision cameras from local reseller with no problems. its sad that amazon allows this product.

Either way as I pointed out there appear to be very knowledgeable people who have resolved this problem. I was hoping someone would be able to give me the and update to this process as to whether it is still working for my model of camera.

Hi @Stev Wolf

Amazon allows a lot of garbage far more fraudulent than Grey market cameras... so no surprises there.

In terms of internet exposure... changing the port from 8000 does not stop the camera from being exposed.

If your camera was exposed to the internet, there is always the chance it was compromised.

 

[Stev Wolf]

Hi @Stev Wolf

Amazon allows a lot of garbage far more fraudulent than Grey market cameras... so no surprises there.

In terms of internet exposure... changing the port from 8000 does not stop the camera from being exposed.

If your camera was exposed to the internet, there is always the chance it was compromised.

Yes that's true. It was actually the first thing I bought on amazon. I'll never do it again.

Thus trying to close the security hole can anyone answer the original question I posted ?

 

[jmhmcse]

changing =default= port number(s) are good, as is disabling upnp (plug and play); however, these alone do not isolate nor prevent a camera from accessing the internet. (having an apparant upnp problem)

a camera will still have access to the internet, if nothing else than to use NTP to a pre-set time server. there is also the ability that the camera has to set itself up (upnp or not) as directly accessible from WWW (when enabled)

i.e.,



also not knowing what the seller/original configuration hacker did or did not add to the OS of the camera is something to consider.

since this is a recent occurrence, then there's less likelihood of pre-installed piece of malware but that 1) camera is failing or 2) the camera has finally been discovered by someone (or bot) and is being told to reset itself after reboot.

possible causes for #1s would be the same as any other computer; hardware failure (memory, rom, electrical surge, etc)

if you set up the camera, reboot it, then disconnect it from the lan for a day or two... one you reconnect to the camera to the lan, are you able log back in with your username/password or has it 'failed' and reverted to defaults?
---

as i alluded to earlier, block the camera's ip address from receiving or sending any traffic to WWW. if nothing can from the WWW can access the camera and the camera cannot access WWW then any security holes have effectively been 'filled'.

1 - reboot camera
2 - disable upnp on your router
3 - in router's firewall add camera's on-lan ip address; nothing in, nothing out (block all to/from WAN)
4 - return the camera to oob settings; DEFAULT (system, maintenance, upgrade and maintenance)
5 - set up camera with user, password, ip address (as defined in router firewall), network mask, leave default gateway and DNS boxes empty (blank)
6 - diable upnp (and any other attempt to reach out to WWW) on camera
7 - set NTP source ip address (from a system within your lan, BI or other system)

if you dont already have a timer server within your network, there are articles available which describe how to set up windows version or other add-on time services

--

 

[tigerwillow1]

Almost every forum member is running 100% gray market cameras. The usual distinction is whether or not it's a chinese market camera.

 

[Stev Wolf]

Almost every forum member is running 100% gray market cameras. The usual distinction is whether or not it's a chinese market camera.

I have stopped all port forwarding of port 8000 and turned off pump. So far it has not lost my settings yet. Although I have had it last a few days. But if this fixes the problem then it indicates that the flaw has been used. Thus an upgrade would fix it . How can I tell if DS 2CD3145F -IS. Is compatible with the fixes on this forum?

 

[Stev Wolf]

changing =default= port number(s) are good, as is disabling upnp (plug and play); however, these alone do not isolate nor prevent a camera from accessing the internet. (having an apparant upnp problem)

a camera will still have access to the internet, if nothing else than to use NTP to a pre-set time server. there is also the ability that the camera has to set itself up (upnp or not) as directly accessible from WWW (when enabled)

i.e.,

View attachment 70703

also not knowing what the seller/original configuration hacker did or did not add to the OS of the camera is something to consider.

since this is a recent occurrence, then there's less likelihood of pre-installed piece of malware but that 1) camera is failing or 2) the camera has finally been discovered by someone (or bot) and is being told to reset itself after reboot.

possible causes for #1s would be the same as any other computer; hardware failure (memory, rom, electrical surge, etc)

if you set up the camera, reboot it, then disconnect it from the lan for a day or two... one you reconnect to the camera to the lan, are you able log back in with your username/password or has it 'failed' and reverted to defaults?
---

as i alluded to earlier, block the camera's ip address from receiving or sending any traffic to WWW. if nothing can from the WWW can access the camera and the camera cannot access WWW then any security holes have effectively been 'filled'.

1 - reboot camera
2 - disable upnp on your router
3 - in router's firewall add camera's on-lan ip address; nothing in, nothing out (block all to/from WAN)
4 - return the camera to oob settings; DEFAULT (system, maintenance, upgrade and maintenance)
5 - set up camera with user, password, ip address (as defined in router firewall), network mask, leave default gateway and DNS boxes empty (blank)
6 - diable upnp (and any other attempt to reach out to WWW) on camera
7 - set NTP source ip address (from a system within your lan, BI or other system)

if you dont already have a timer server within your network, there are articles available which describe how to set up windows version or other add-on time services

--

Well I have pretty much disabled everything so I'm waiting to see what happens. So far it's working for 7hours. Recently it only lasted only few hours.

I thought about plugging in and disconnecting from net work to see if it held settings but since its Poe with a switch I will have to dig around for my Poe single injector that I can unplug from network. Or find ac adapter that works.
Thanks.