Jump to content
Sign in to follow this  
vich22

Could someone exploit NVR with ports being open?

Recommended Posts

Since forwarding ports 8000, 554, and 84 is necessary to have real time viewing from a computer and cellphone how secure are our camera feeds? Going to www.grc.com and doing a port scan ports 554 and 84 and 8000 are open and respond to probes. This means theoretically someone can connect to and attempt to break into our private feeds. Other than closing all ports and disabling viewing from smart phones can anything be done to secure this? I feel like our passwords could easily be broken?

Share this post


Link to post
Share on other sites

Of course doing a port scan on those ports shows them as open, you opened them yourself, otherwise you would not be able to watch your own cameras.

 

Your password could easily be broken? Change the default 12345 password to something stronger. Set up your NVR to send emails, and email you in case of any login failed attempt.

 

Still feeling paranoid? Use a VPN to connect to your unit.

Share this post


Link to post
Share on other sites

Yes changed the default password of course. Something I have not found out yet is how long can the NVR password be and can we use special character like %$#@* ?

Trying to find where I can setup the NVR to email me if a failed login attempt is detected... Do you know?

When using a VPN to connect to the NVR, doesn't that render the mobile app useless?

Thanks

Share this post


Link to post
Share on other sites
Trying to find where I can setup the NVR to email me if a failed login attempt is detected... Do you know?

 

Config -> Network -> Email

and

Config -> Exceptions -> Illegal login -> Send email

Share this post


Link to post
Share on other sites

Most certainly it could be exploited. Almost anything can be. Definitely change default ports and remember a long password is generally more secure than a complex one.

 

I would also recommend creating user accounts with only viewer privileges for use while away from home. Although my old analog dvr had a compromised viewer account, which they successfully used to obtain the administrative credentials.

 

But at the end of the day, the risk of me not seeing my cameras is worse than the risk of somebody else seeing them. VPNs are another option.

Share this post


Link to post
Share on other sites
Most certainly it could be exploited. Almost anything can be. Definitely change default ports and remember a long password is generally more secure than a complex one.

 

I would also recommend creating user accounts with only viewer privileges for use while away from home. Although my old analog dvr had a compromised viewer account, which they successfully used to obtain the administrative credentials.

 

But at the end of the day, the risk of me not seeing my cameras is worse than the risk of somebody else seeing them. VPNs are another option.

 

Thanks for the responses everyone. Apologize for the barrage of questions! But everyone is very helpful.

For the 8000 port (device port) what is the range of ports I can use instead of 8000? And antitrust can you elaborate on the specific user accounts while away?

Share this post


Link to post
Share on other sites

Change default ports.

Change passwords.

You can even lock the admin account to work only from a given IP address.

Create a guest account with just the privileges you need to work over internet.

Share this post


Link to post
Share on other sites
BTW max char # for password is 16

16 is way more than enough..you can set the unit to alert you in case of false attempts..the problem is not brute force password attached but rather exploits in the firmware...you can minimize the risk by only forwarding the media port...or simply use vpn.

Share this post


Link to post
Share on other sites
Of course doing a port scan on those ports shows them as open, you opened them yourself, otherwise you would not be able to watch your own cameras.

 

Your password could easily be broken? Change the default 12345 password to something stronger. Set up your NVR to send emails, and email you in case of any login failed attempt.

 

Still feeling paranoid? Use a VPN to connect to your unit.

 

Just today I got 5 emails within 20 minutes. My NVR emailed me and said I had 5 illegal login attempts.

 

Anyway to find out what IP's are connected to NVR?

Share this post


Link to post
Share on other sites
Of course doing a port scan on those ports shows them as open, you opened them yourself, otherwise you would not be able to watch your own cameras.

 

Your password could easily be broken? Change the default 12345 password to something stronger. Set up your NVR to send emails, and email you in case of any login failed attempt.

 

Still feeling paranoid? Use a VPN to connect to your unit.

 

Just today I got 5 emails within 20 minutes. My NVR emailed me and said I had 5 illegal login attempts.

 

Anyway to find out what IP's are connected to NVR?

 

Should be in your connection log

Share this post


Link to post
Share on other sites

Port forwarding simply pushes off security for that port to your DVR/NVR and the person from the outside can try their hand at it.

 

For the 8000 port (device port) what is the range of ports I can use instead of 8000?

 

There's a lot:

https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

For residential, many ISP's block outbound port 80, and some DVR/NVR's have port 80 as the default. So changing it to whatever you'll remember (and doesn't conflict with your browser's port 443, your email's port 110 or 25 or 587, etc.)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×