y CCTV has been HACKED
Basically I noticed that my external viewing stopped working and found that I had been hacked.
All cameras colour/contrast settings set so that showing black instead of camera picture (although camera still working if reset contrast etc..
Each camera name changed to ‘HACKED’
Network settings changed
PPPoE username and password changed
So I googled and read that it could be down to default passwords or backdoor through the actual cams.
I reset all of the passwords, changed my network settings back, renamed the cameras back and exposed to internet again to see if it happened again as there are risks with updating firmware I might brick the cameras.
All was ok for a few days and then I was HACKED again in exactly the same way except that the cameras were mostly renamed to HACKED but one ws named Upgrade and one named firmware.
It was almost as if someone was telling me that they had hacked me and that I needed to update my firmware.
Therefore, I am now going to update firmware on cameras and DVR, reset passwords and look at my port forwarding and avoid defaults and unnecessary port forwarding rule
Cameras wired connections to iappollo DVR
DVR wired connection to network bridge
Bridge wireless connection to Router
Max Connection 128
Router setup with dynamic DNS
Router port forwarding setup for Ports above.
But I have gaps in my understanding of the network settings on the dvr ports etc and have some questions.....
1. Maximum Connection 128 – is this maximum concurrent users? If so If I want to allow a maximum of 2 external concurrently would I set to 2 or do I need it higher because my router is connected and cameras are connected etc.?
2. HTTP port 80. I assume that this is to allow me to externally connect to the DVR via an internet browser? If that is the case and I only want to be able to connect via mobile phone and the mobile phone app only uses 37777, am I right in assuming that if I turn off port forwarding for port 80 on the router I can still connect via 37777 via TCP on mobile app?
3. TCP 37777, assume I need this one but should I change the number as bots likely to scan this port more often than some obscure port number? If yes Any port numbers I can not use or should use?
4. UDP 37778 – for same reason as in 2 (I only use mobile app using TCP 37777) can I get rid of port forward rule for 377778?
5. HTTPS 443 – for same reason as in 2 (I only use mobile app using TCP 37777) can I get rid of port forward rule for 443?
6. RTSP 554 - for same reason as in 2 (I only use mobile app using TCP 37777) can I get rid of port forward rule for 554?
A lot of questions but any answers will help my understanding a great deal and any other useful info would be much appreciated.
Edited by mattcctv, 21 October 2017 - 08:56 AM.