Jump to content
Security Installer Community

Cheap Dvr Leaves Your Network Vulnerable To Attack

cybergibbons

By cybergibbons
in Members Lounge (Public)

 Share

Recommended Posts

cybergibbons Newbie

cybergibbons

Posted
  • Author
Posted

From what I've gathered in reading, no home router is safe without an outbound firewall weather it has a dvr connected or not.

 

Port forwarding a dvr seems to create a flag for an easy entry route for the automated hackers?

 

Modern plug and play dvrs are just as vulnerable...

 

HIK dvrs are ok?

 

Hmm why tell the customer that you are creating a vulnerability in their network when the network already has a vulnerability with all these automated hacking things from abroad...unles you are port forwarding which seems old hat and not done much now. Please enlighten.

 

I can hopefully clarify a bit.

Your own computer can be used as a pivot as well. It probably would be used as a pivot if you are running XP, with no firewall, no antivirus, out-of-date software, and you didn't care when it started crawling to a halt and the cursor started moving of it's own accord.

That's pretty much what a DVR is - out of date OS, with no firewall, no antivirus, no updates, and you can't actually see what it is doing.

 

Personally, I would make sure that I wasn't responsible for security issues with the DVR. I don't know the solution though, it's something we are working on in the IT security world. It's way too complex for people to get right at the moment.

And yes, Hikvision DVRs seem above average. They respond to issues, actually issue firmware updates for most gear, and there is a clear trend showing that they are improving.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Adi Enthusiast

Adi

Posted
Posted

Would be good, ive been thinking i should be teaching myself VPN, am i correct?

I really can't be ar**** with it anymore.

PeterJames Mentor

PeterJames

Posted
Posted

no I think its best you prioritise it. The membership here needs guidance and thinks your playing all for your own benefit?

seen as you rarely frequent here till you have new info.

You probably didnt mean to come across this way, but I though the above comment was a bit rude James, Andy gives up his time FOC here I think we should be grateful for what we get. I agree it is important but his part is to tell us there is a problem, not necessarily give us all the answers as well.

PeterJames Mentor

PeterJames

Posted
Posted

I wasn't meaning it to come across that way. I prefer to know about issues etc. If it's read that way then I apologise.

You were in CEO Mode LOL

norman Experienced

norman

Posted
Posted (edited)

CEO? I hate Americanism's, it's an alarm company not *####* Coca Cola.

Edited by PeterJames
public swearing

Nothing is foolproof to a sufficiently talented fool.


PeterJames Mentor

PeterJames

Posted
Posted

CEO? I hate Americanism's, it's an alarm company not ******* Coca Cola.

Thats his real title norm, Chief Execs are allowed in the UK as well as the US

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept