Go Back   TeamTalk > Off Topic > Off Topic Discussion

Thread Tools Display Modes
Old 10-12-2016, 05:37 AM
CantRepeat's Avatar
CantRepeat CantRepeat is online now
Join Date: Jul 2008
Boat: 06 X30
Location: Roll Tide!!
Posts: 14,247
Originally Posted by Bongo View Post
I had been casually looking into one of these systems as well, but a bit hesitant for a couple reasons including how quickly they become obsolete and security (who can control, watch).

Products including a lot of the DVRs / cameras made by Dahua** were easily compromised and turned into supporting to the largest Internet Distributed Denial of Service (DDOS) attack a couple weeks ago. Two 18 year-old kids hacked into hundrends-of-thousands of Internet of Things (IoT) devices and turned them against an author who was starting to get too close to identifying them for their nefarious activities.* A couple keys that led to this:
- Most of the devices don't make it easy to change the passwords for these devices.
- Even those devices that do allow password change are really only changing the password to access the user interface. They can still be logged into remotely with the one user account and password programmed into the device.
- Most of us consumers don't really care how secure these devices are when we installed them into our house. Sure, they might use a little of our bandwidth - but beyond our Internet connection being a little slow, how do we know?

See: https://krebsonsecurity.com/2016/10/...amid-iot-mess/ for mention of the devices. Brian Krebs, who authors the articles at that site, has 4 or 5 articles on this specific topic over the past two weeks.

* I might be running a little fast and loose with the comments in this paragraph. It is my recollection from reading the blog and related articles. But since I'm not really an authoritative source, I didn't go back and confirm what I had recalled.

** Dahua has issued a statement that they will replace the compromised devices. Anything manufactured before a specific date. However, the swap process isn't operational and it appears Dahua will make it a bit difficult for anyone other than a serious IT expert to demonstrate harm.

DON'T use the default ports for anything that can be accessed online. The script kiddies are probably scanning for default ports on IPs. Use a hardware firewall on your home network. The people that are getting hacked are the people that just plug the dvr in and don't do anything else.

Disable the default admin account
Don't use factory ports IE 80 for http access
Do use a hardware appliance with a built in firewall to block inbound factory telnet and ftp protocols and ports

It's pretty simple to secure yourself from this type of attack, take over.

Some of the critical information needed.

-The devices were using firmware dating prior to January 2015.
-The devices were using the default user name and password.
-The devices were exposed to the internet without the protection of an effective network firewall.

"Heavy" beer is for wine drinkers that are too embarrassed to drink wine in front of their buddies. "Light" beer is a drinkin' man's beer!

Last edited by CantRepeat; 10-12-2016 at 05:53 AM.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

All times are GMT -4. The time now is 09:28 PM.