Hello all,
I have a Q-see QC808 NVR unit with associated IP cameras that have been working great until recently. About two months ago the Internet slowed to a crawl and checking the logs on my router my NVR is constantly connecting to IP addresses I am unfamiliar with on port 3777.
I am not using the default password for the unit but I have not changed passwords/names for the individual cameras. I can still log in with my own user number and password. Q-see is of no help since the unit is about two years old and it is out of the support window. They did tell me that this equipment is vulnerable to Mirai (the botnet that brought down Dyn in October) and they are not offering any firmware to correct this problem.
What I was thinking of doing was suggested on a networking forum. I want to move off of the default ports of 3777 and 85 to something high that doesn't get probed routinely. My hopes are that my firewall will deny this IP access after multiple tries before it gets enough to the ports I have jumped up to. The other choice is a VPN which I would like to avoid if possible for the added complexity.
I am posting this to inquire if anyone knows what ports are a good substitute. Has anyone done this? I am not advanced in networking so any suggestions would be most appreciated. I think others with this vulnerability would also appreciate your thoughts.
Kind regards/thanks
seacoug