Avatar

Please consider registering
Guest

Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?
sp_Feed sp_TopicIcon
HAve I been hacked?
sp_NewPost Add Reply sp_NewTopic Add Topic
Avatar
fairweathergardener
New Member
Members
Forum Posts: 2
Member Since:
November 21, 2016
sp_UserOfflineSmall Offline
1
November 21, 2016 - 4:27 pm
sp_Permalink sp_Print sp_QuotePost
sp_ReportPost

Hi Everyone
IVe been having problems with my analogue box for a few months now – interfering with my Internet and also Live View on web interface not behaving. Well, I got a new system and while I was dismantling the old one and checking settings for transfer across etc, I noticed it had been hacked. Please see this link http://www.securitycameraking.com/secur … revent-it/
and http://www.pcworld.com/article/3089346/ … tacks.html.   This led me to believe I have been hacked.  HAve I? 

In the first link, that’s exactly what I found on my box – an additional user called “system” which said your box has been hacked please secure. I also had the same web interface issues with Live Preview.

My installer put this in nearly 3 years ago and at the time he only told me to change my admin password which I did. I left the factory password alone as that’s what I was advised to do. It was the usual Dahua 888888. So I think that’s where and why it was hacked so easily. For what nefarious means I don’t know. I haven’t been burgled while this was going on, so it’s not for that purpose. I did have all the internet issues whereby intermittently since the web interface issues (which is since it was hacked), and my internet would slow down so it was unusable even with an ethernet cable straight into the router. Then it would free up again for a while before it happened again. I don’t know if that was hackers using my CCTV box as a route for DDos attacks (not that I now what they are, just that they use up all your bandwidth – can someone explain please?) or maybe it was the firewall kicking in on the router/home hub and stopping our access so we couldn’t be hacked – is this possible in theory?
My BIG question is though, with all this in mind, does anyone know if, once the CCTV box has been breached, home data on laptops, Macs, iPhones etc is compromised or could my theory about the firewall be correct? I had DMZ ticked on my router for at least the past 6 months, but not prior. What does this do? I was just told to do that. The router was set up as a DNS with port forwarding. 

And another question….are the new P2 P boxes secure or not? 

Avatar
Heath Phillips
Florida
Moderator
Members

Moderators
Forum Posts: 229
Member Since:
January 15, 2014
sp_UserOfflineSmall Offline
2
November 21, 2016 - 5:45 pm
sp_Permalink sp_Print sp_QuotePost
sp_ReportPost

If you see a user “system – you have been hacked please secure your system” or something of that nature, then yes you were hacked.

Most likely the attacker used the recorder as a bridge to your network. You need to remove that username completely, and make sure to make some password adjustments.

 

The most important thing for you to do here is make sure “DMZ” is not enabled in your router/modem/firewall. This is how they are gaining access through the telnet port of 23.

DMZ stands for demilitarized zone, it opens up every port available to one device on your network leaving your device vulnerable on the internet. To gain access to your machine remotely you need to have port forwarding done, and remove the DMZ. 

Avatar
fairweathergardener
New Member
Members
Forum Posts: 2
Member Since:
November 21, 2016
sp_UserOfflineSmall Offline
3
November 21, 2016 - 6:09 pm
sp_Permalink sp_Print sp_QuotePost
sp_ReportPost

Heath Phillips said
If you see a user “system – you have been hacked please secure your system” or something of that nature, then yes you were hacked.

Most likely the attacker used the recorder as a bridge to your network. You need to remove that username completely, and make sure to make some password adjustments.

 

The most important thing for you to do here is make sure “DMZ” is not enabled in your router/modem/firewall. This is how they are gaining access through the telnet port of 23.

DMZ stands for demilitarized zone, it opens up every port available to one device on your network leaving your device vulnerable on the internet. To gain access to your machine remotely you need to have port forwarding done, and remove the DMZ.   

I have a new box now. It’s P2 P and that’s how I have it set up at present. Is that ok? That doesn’t involve the DMZ and I’ve also changed the passwords . Old box has been reset to factory defaults and I’m not using it now. 

Avatar
Heath Phillips
Florida
Moderator
Members

Moderators
Forum Posts: 229
Member Since:
January 15, 2014
sp_UserOfflineSmall Offline
4
November 22, 2016 - 9:49 am
sp_Permalink sp_Print sp_QuotePost
sp_ReportPost

You should be fine with p2p, there is no ports open to the machine in that case. 

I would verify and make sure DMZ and any unnecessary port forwarding is disabled within your router.  

Forum Timezone: America/New_York

Most Users Ever Online: 127

Currently Online:
25 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Techpro Security: 404

shockwave199: 179

tubac: 163

Gilberto: 150

MrDeepFreeze: 135

javajeff: 132

Jer7of9: 129

Night Hawk: 98

West Coast Jones: 66

ShawnInFL: 64

Newest Members:

luisdn60

sdb2014

RobertFewar

gwendolynxa2

jimmieil4

LutherPew

Macieksnamb

Kathryndiuck

avisev11

Jamesdauro

Forum Stats:

Groups: 5

Forums: 28

Topics: 1197

Posts: 5263

 

Member Stats:

Guest Posters: 60

Members: 5574

Moderators: 15

Admins: 4

Administrators: Damon Delcoro, Brad Besner, Jose Malave, Gabe Garcia

Moderators: Dan Maresca, Ryan, Zeke Richey, Jorge Nava, Matthew Ernst, LittleBrad, Heath Phillips, Tonya Haley, Dan Millard, Eric Wilson, Brian Lee, Michael, Ted, mwhite, Julius Dilka