Rob Kirk (posted February 20, 2016):

Surely unless you are a skilled hacker a password protected DVR with random port is enough to stop the amateur? That is safe enough not to have to scare the customer into saying you are compromising their router's security. Also I thought that again unless highly skilled the only access an open port gives is to the connected DVR or whatever is connected to that port; again with the password it wouldn't even give access to the DVR. Also the hacker has to know the type of DVR and the port it is using along with the password etc. Type into Google "hacking port cctv" and you see people getting into office systems and supermarkets because they know the type of systems and are skilled/determined for something to do, but I can't see them wanting to go through a list of IPs randomly testing for open ports? Unless they have software to scan for such weaknesses. I'm no expert so this could be the case one day.

GalaxyGuy (posted February 20, 2016):

Rob, your understanding is incorrect. All of these hacks are automated and it doesn't take an expert to implement them. Once you have root access to a device, then you have access to the sub network it sits on. Basically, don't set up port forwarding for customers - always use a VPN for internal device access. If installers cannot set up a VPN, or don't really understand IP networking, then they need to get some training or subcontract that part.

PeterJames (posted February 20, 2016):

> Should this not be in trade?

See post 31. I would have agreed with you on this Rich, it's not about hiding it from the public, it's about giving spotty nerdy kids ideas.

> Surely unless you are a skilled hacker a password protected DVR with random port is enough to stop the amateur? That is safe enough not to have to scare the customer into saying you are compromising their router's security. Also I thought that again unless highly skilled the only access an open port gives is to the connected DVR or whatever is connected to that port; again with the password it wouldn't even give access to the DVR. Also the hacker has to know the type of DVR and the port it is using along with the password etc. Type into Google "hacking port cctv" and you see people getting into office systems and supermarkets because they know the type of systems and are skilled/determined for something to do, but I can't see them wanting to go through a list of IPs randomly testing for open ports? Unless they have software to scan for such weaknesses. I'm no expert so this could be the case one day.

The point is there are plenty of highly skilled people out there extracting money from people's bank accounts right now by simply sending them an email with an attachment. But not everyone is daft enough to open an email attachment from someone they have never heard of. It's only a matter of time before the highly skilled suss that you can get on a network via a DVR. I am not that particularly skilled but I bet I could do it (not that I ever would).

Rob Kirk (posted February 20, 2016):

> See post 31. I would have agreed with you on this Rich, it's not about hiding it from the public, it's about giving spotty nerdy kids ideas.
>
> The point is there are plenty of highly skilled people out there extracting money from people's bank accounts right now by simply sending them an email with an attachment. But not everyone is daft enough to open an email attachment from someone they have never heard of. It's only a matter of time before the highly skilled suss that you can get on a network via a DVR. I am not that particularly skilled but I bet I could do it (not that I ever would).

I agree, and yes I was wrong in my understanding, but the last time I port forwarded was for my dad's CCTV system in around '07. I've not installed many DVRs in houses. Since then he's upgraded to a plug and play system that doesn't need port forwarding and I have too. I'm not that clued up on CCTV to be honest, but these new plug and play systems that don't need port forwarding, would they be on a VPN? If not, are they safe?

PeterJames (posted February 20, 2016):

> I agree, and yes I was wrong in my understanding, but the last time I port forwarded was for my dad's CCTV system in around '07. I've not installed many DVRs in houses. Since then he's upgraded to a plug and play system that doesn't need port forwarding and I have too. I'm not that clued up on CCTV to be honest, but these new plug and play systems that don't need port forwarding, would they be on a VPN? If not, are they safe?

Plug and play are likely to be more vulnerable than port forwarded machines.

datadiffusion (posted February 20, 2016):

And more of a known and attractive target.

Signature: So, I've decided to take my work back underground.... to stop it falling into the wrong hands

cybergibbons (thread author, posted February 20, 2016):

Part of the issue here is you don't need to port forward for the device to be at risk. Another part is that it isn't just this DVR, so many of them have issues.

This site explains how similar attacks have been happening against routers: http://malware.dontneedcoffee.com/2015/05/an-exploit-kit-dedicated-to-csrf.html

It's quite advanced, but it is actually happening. And it's not teenagers you are going to need to worry about, it's organised crime from other parts of the world.

As an aside, which DVR brands do you all trust? I've got budget to buy higher end gear and want to have a crack at something good.

Signature: I have a blog, some of which is about alarm security and reverse engineering: http://cybergibbons.com/

al-yeti (posted February 20, 2016):

Hikvision and Samsung. Maybe not high end but commonly used by installers from what I've seen.

cybergibbons (thread author, posted February 20, 2016):

Samsung DVRs have known issues:

https://www.andreafabrizi.it/?exploits:samsung:dvr
https://www.kb.cert.org/vuls/id/882286
http://blog.emaze.net/2016/01/multiple-vulnerabilities-samsung-srn.html

I'm about to publish a vulnerability across many of their IP cameras as well.

Hikvision haven't been too bad when reporting vulnerabilities. Their cameras are so-so, still making a lot of mistakes but nothing awful. Not looked at a DVR of theirs.

MrHappy (posted February 20, 2016):

> As an aside, which DVR brands do you all trust?

None.

Signature: Mr Veritas God