Geekzone: technology news, blogs, forums
Topic # 154822 9-Nov-2014 10:32
One person supports this post

Well after just installing new IP based security cameras at work, I was sure to make 100% sure none were still loaded with default passwords.

Then I see this story http://www.techspot.com/news/58747-website-streams-private-ip-cameras.html


And lo and behold at the time, 122 non-secure IP based systems live in NZ.

http://insecam.com/cam/bycountry/NZ/


Interested in seeing if anyone sees the inside of their office online.....

  Reply # 1171594 9-Nov-2014 11:15

Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.




iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.



  Reply # 1171605 9-Nov-2014 12:00

A lot are Hikvision systems, and I'd pick installed by the same person. They clearly know so little they're enabling web access with the default password enabled.






  Reply # 1171767 9-Nov-2014 19:40

Are these users opening ports on their router to the cameras? Struggling to understand if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.








  Reply # 1171805 9-Nov-2014 20:51

SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras which could be used to determine the status of an office for a potential robbery.


  Reply # 1171848 9-Nov-2014 22:03
One person supports this post

networkn:
SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras which could be used to determine the status of an office for a potential robbery.

Read beyond Salty's first 4 sentences...


  Reply # 1171919 10-Nov-2014 08:26

astrae: Are these users opening ports on their router to the cameras? Struggling to understand if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.


All of my Hikvision cameras had UPnP enabled by default to open a port on the firewall for remote access.
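
An added example, not part of any post in this thread: one way to check your own router for the UPnP behaviour described above is to list its port mappings and flag any that forward to a camera or NVR. The sample listing is constructed and modeled on the output of miniupnpc's `upnpc -l`; the device inventory, names and addresses are assumptions.

```python
import ipaddress
import re

# Constructed sample modeled on the port-mapping listing printed by
# miniupnpc's `upnpc -l`; addresses and descriptions are made up.
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  8000->192.168.1.64:8000  'HIKVISION' '' 0
 1 TCP   554->192.168.1.64:554   'HIKVISION' '' 0
 2 UDP 51413->192.168.1.20:51413 'BitTorrent' '' 0
 3 TCP  8080->192.168.1.65:80    'HIKVISION' '' 0
"""

# index, protocol, external port -> internal address:port, 'description'
MAPPING_RE = re.compile(
    r"^\s*\d+\s+(?P<proto>TCP|UDP)\s+(?P<ext>\d+)->"
    r"(?P<addr>[\d.]+):(?P<int>\d+)\s+'(?P<desc>[^']*)'"
)

def parse_mappings(listing):
    """Return one dict per port-mapping line; the header and other lines are skipped."""
    mappings = []
    for line in listing.splitlines():
        m = MAPPING_RE.match(line)
        if m:
            mappings.append({
                "proto": m["proto"],
                "external_port": int(m["ext"]),
                "internal_addr": ipaddress.ip_address(m["addr"]),
                "internal_port": int(m["int"]),
                "description": m["desc"],
            })
    return mappings

def exposed_devices(mappings, inventory):
    """Group mappings that forward internet traffic to inventoried devices."""
    exposed = {}
    for mp in mappings:
        name = inventory.get(str(mp["internal_addr"]))
        if name is not None:
            exposed.setdefault(name, []).append(
                (mp["proto"], mp["external_port"], mp["internal_port"]))
    return exposed

# Hypothetical inventory of cameras/NVRs on the LAN (assumption).
CAMERA_INVENTORY = {"192.168.1.64": "lobby-cam", "192.168.1.65": "nvr"}

if __name__ == "__main__":
    found = exposed_devices(parse_mappings(SAMPLE_LISTING), CAMERA_INVENTORY)
    for name, ports in found.items():
        print(f"{name}: reachable from the internet via {ports}")
```

Any device that shows up here has a hole in the firewall it asked for itself; disabling UPnP on the camera or the router and reaching the NVR over VPN, as mentioned earlier in the thread, removes the mapping.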


  Reply # 1172236 10-Nov-2014 14:42

I got a couple of cheap IP cameras from AliExpress. One of them by default has a cloud service enabled, even without ports opened it still gets thru to it, and I only noticed because there is a cloud URL in the admin pages. I had not changed my camera from the default of admin and 123456 at that time and hitting the URL was straight into it, I assume because I had just been logged into it locally the browser plugin cached the username and password.

I don't think I will be giving these cameras internet access when I get around to installing them.

Here is one that I found by just changing the URL a bit - http://434906.seetong.com/

I have no idea where it is, but the only difference is that number at the start, plenty in the 312xxxx range.

Add to this that video from Black Hat last year about how a guy found exploits in a lot of cameras just from looking at the firmware updates with things like unprotected scripts passing parameters to system without cleaning them up, and you have a small gutless Linux machine on a remote network you can get to and then use to start exploiting other things on that network.

This is why the whole "internet of things" craze is so worrying. The people making these don't give a crap about security, they will probably never see a firmware update applied in their life even if they are available because they are working fine, and you have no idea what will happen to those "p2p" servers that relay the data in the future as I don't see how that is a viable business model when a company making the cameras is not charging an ongoing subscription to use them.




Richard rich.ms



  Reply # 1172243 10-Nov-2014 14:51

iirc there's a bunch of YouTube videos of people remotely taking over cameras and even playing sound from some of them


  Reply # 1172244 10-Nov-2014 14:57

The one of someone playing Rockwell's "sometimes I feel like somebody's watching me" out the guy's PTZ one and he calls the helpdesk is quite funny.





Richard rich.ms
