Topic # 154822 9-Nov-2014 10:32
One person supports this post

Well after just installing new IP based security cameras at work, I was sure to make 100% sure none were still loaded with default passwords.

Then I see this story http://www.techspot.com/news/58747-website-streams-private-ip-cameras.html


And lo and behold at the time, 122 non-secure IP based systems live in NZ.

http://insecam.com/cam/bycountry/NZ/


Interested in seeing if anyone sees the inside of their office online.....

  Reply # 1171594 9-Nov-2014 11:15

Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.




iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


  Reply # 1171605 9-Nov-2014 12:00

A lot are Hikvision systems, and I'd pick installed by the same person. They clearly know so little they're enabling web access with the default password enabled.





 
 
 
 


  Reply # 1171767 9-Nov-2014 19:40

Are these users opening ports on their router to the cameras? Struggling to understand: if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.







  Reply # 1171805 9-Nov-2014 20:51

SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras, which could be used to determine the status of an office for a potential robbery.

  Reply # 1171848 9-Nov-2014 22:03
One person supports this post

networkn:
SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras, which could be used to determine the status of an office for a potential robbery.

Read beyond Salty's first 4 sentences...

  Reply # 1171919 10-Nov-2014 08:26

astrae: Are these users opening ports on their router to the cameras? Struggling to understand: if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.


All of my Hikvision cameras had UPnP enabled by default to open a port on the firewall for remote access.
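
A defender-side check for the behaviour described in the post above, added here as an example and not part of the original thread: it audits a router's UPnP port-mapping list and flags every forward that nobody approved, marking camera targets as high priority. The listing format is assumed to match what miniupnpc's `upnpc -l` prints; the sample listing, the camera inventory and the approved set are constructed, hypothetical values.

```python
import re

# Constructed sample in the style of a miniupnpc `upnpc -l` mapping list; not real data.
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  8000->192.168.1.64:8000 'camera' '' 0
 1 TCP    80->192.168.1.64:80 'camera' '' 0
 2 UDP 51413->192.168.1.20:51413 'bittorrent client' '' 0
 3 TCP   554->192.168.1.65:554 'camera' '' 604800
"""

# Hypothetical inventory of camera/NVR addresses on this LAN.
CAMERA_HOSTS = {"192.168.1.64", "192.168.1.65"}
# Forwards the administrator deliberately approved: (protocol, internal host, internal port).
APPROVED = {("UDP", "192.168.1.20", 51413)}

MAPPING_RE = re.compile(
    r"^\s*\d+\s+(TCP|UDP)\s+(\d+)->(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+'([^']*)'"
)

def parse_mappings(listing):
    """Return one dict per port-mapping line; the header and other lines are skipped."""
    mappings = []
    for line in listing.splitlines():
        m = MAPPING_RE.match(line)
        if m:
            proto, ext, host, port, desc = m.groups()
            mappings.append({"proto": proto, "ext_port": int(ext), "host": host,
                             "int_port": int(port), "desc": desc})
    return mappings

def audit(listing, camera_hosts=CAMERA_HOSTS, approved=APPROVED):
    """Flag every mapping that was not approved; camera targets are marked HIGH."""
    findings = []
    for m in parse_mappings(listing):
        if (m["proto"], m["host"], m["int_port"]) in approved:
            continue
        severity = "HIGH" if m["host"] in camera_hosts else "REVIEW"
        findings.append((severity, m["proto"], m["ext_port"], m["host"], m["int_port"]))
    return findings

if __name__ == "__main__":
    for severity, proto, ext, host, port in audit(SAMPLE_LISTING):
        print(f"{severity}: {proto} WAN port {ext} is forwarded to {host}:{port}")
```

Any HIGH finding means a camera has opened its own hole in the firewall; turning off UPnP on the camera and on the router removes the mapping.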


  Reply # 1172236 10-Nov-2014 14:42

I got a couple of cheap IP cameras from AliExpress. One of them by default has a cloud service enabled, even without ports opened it still gets thru to it, and I only noticed because there is a cloud URL in the admin pages. I had not changed my camera from the default of admin and 123456 at that time and hitting the URL was straight into it, I assume because I had just been logged into it locally the browser plugin cached the username and password.

I don't think I will be giving these cameras internet access when I get around to installing them.

Here is one that I found by just changing the URL a bit - http://434906.seetong.com/

I have no idea where it is, but the only difference is that number at the start, plenty in the 312xxxx range.

Add to this that video from Black Hat last year about how a guy found exploits in a lot of cameras just from looking at the firmware updates, with things like unprotected scripts passing parameters to system without cleaning them up, and you have a small gutless Linux machine on a remote network you can get to and then use to start exploiting other things on that network.

This is why the whole "internet of things" craze is so worrying. The people making these don't give a crap about security, they will probably never see a firmware update applied in their life even if they are available because they are working fine, and you have no idea what will happen to those "p2p" servers that relay the data in the future, as I don't see how that is a viable business model when a company making the cameras is not charging an ongoing subscription to use them.




Richard rich.ms

  Reply # 1172243 10-Nov-2014 14:51

iirc there's a bunch of YouTube videos of people remotely taking over cameras and even playing sound from some of them

  Reply # 1172244 10-Nov-2014 14:57

The one of someone playing Rockwell's "sometimes I feel like somebody's watching me" out the guy's PTZ one, and he calls the helpdesk, is quite funny.





Richard rich.ms
