Geekzone: technology news, blogs, forums


74 posts

Master Geek
+1 received by user: 16


Topic # 154822 9-Nov-2014 10:32
One person supports this post

Well, after just installing new IP-based security cameras at work, I was sure to make 100% sure none were still loaded with default passwords.

Then I see this story http://www.techspot.com/news/58747-website-streams-private-ip-cameras.html


And lo and behold at the time, 122 non-secure IP based systems live in NZ.

http://insecam.com/cam/bycountry/NZ/


Interested in seeing if anyone sees the inside of their office online.....

4376 posts

Uber Geek
+1 received by user: 1891

Trusted
Subscriber

  Reply # 1171594 9-Nov-2014 11:15

Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.




iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.


26487 posts

Uber Geek
+1 received by user: 6037

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1171605 9-Nov-2014 12:00

A lot are Hikvision systems, and I'd pick installed by the same person. They clearly know so little they're enabling web access with the default password enabled.





253 posts

Ultimate Geek
+1 received by user: 16


  Reply # 1171767 9-Nov-2014 19:40

Are these users opening ports on their router to the cameras? Struggling to understand: if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.







17116 posts

Uber Geek
+1 received by user: 4854

Trusted
Lifetime subscriber

  Reply # 1171805 9-Nov-2014 20:51

SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras, which could be used to determine the status of an office for a potential robbery.

3064 posts

Uber Geek
+1 received by user: 909

Trusted
Subscriber

  Reply # 1171848 9-Nov-2014 22:03
One person supports this post

networkn:
SaltyNZ: Printers too. Brother printers by default have Internet Print Protocol turned on. If one were to look, then one could gain the IP addresses of a lot of Brother printers that one might then add as one's own printer to print whatever one so desired, you know, for science. I'm sure the same is true for just about every other brand of printer too, but since I have a Brother printer myself I did some research. On a more serious note, this also means a lot of printers are wide open to exploitation with a view to installing malicious firmware over the internet. The printers themselves are pretty sophisticated computers: more than powerful enough to serve as a nice beachhead inside your network. I'm a little surprised it isn't already widely exploited.


What exactly do you imagine the point of this is? Malicious printing? Printers are obviously not physically accessible so sending print jobs to them would serve no useful purpose, unlike cameras, which could be used to determine the status of an office for a potential robbery.

Read beyond Salty's first 4 sentences...

914 posts

Ultimate Geek
+1 received by user: 222

Subscriber

  Reply # 1171919 10-Nov-2014 08:26

astrae: Are these users opening ports on their router to the cameras? Struggling to understand: if you're intelligent enough to know how to open ports on your router, you would know the implications of not changing the default passwords.

I can only access my NVR at work over VPN so nothing is open to the internet.


All of my Hikvision cameras had UPnP enabled by default to open a port on the firewall for remote access.

21124 posts

Uber Geek
+1 received by user: 4215

Trusted
Subscriber

  Reply # 1172236 10-Nov-2014 14:42

I got a couple of cheap IP cameras from AliExpress. One of them by default has a cloud service enabled; even without ports opened it still gets through to it, and I only noticed because there is a cloud URL in the admin pages. I had not changed my camera from the default of admin and 123456 at that time, and hitting the URL was straight into it. I assume because I had just been logged into it locally, the browser plugin cached the username and password.

I don't think I will be giving these cameras internet access when I get around to installing them.

Here is one that I found by just changing the URL a bit - http://434906.seetong.com/

I have no idea where it is, but the only difference is that number at the start, plenty in the 312xxxx range.

Add to this that video from Black Hat last year about how a guy found exploits in a lot of cameras just from looking at the firmware updates, with things like unprotected scripts passing parameters to system without cleaning them up, and you have a small gutless Linux machine on a remote network you can get to and then use to start exploiting other things on that network.

This is why the whole "internet of things" craze is so worrying. The people making these don't give a crap about security, they will probably never see a firmware update applied in their life even if they are available because they are working fine, and you have no idea what will happen to those "p2p" servers that relay the data in the future, as I don't see how that is a viable business model when a company making the cameras is not charging an ongoing subscription to use them.




Richard rich.ms

667 posts

Ultimate Geek
+1 received by user: 142


  Reply # 1172243 10-Nov-2014 14:51

IIRC there's a bunch of YouTube videos of people remotely taking over cameras and even playing sound from some of them.

21124 posts

Uber Geek
+1 received by user: 4215

Trusted
Subscriber

  Reply # 1172244 10-Nov-2014 14:57

The one of someone playing Rockwell's sometimes I feel like somebody's watching me out the guy's PTZ one and he calls the helpdesk is quite funny.





Richard rich.ms
