Forumite

Hikvision Camera problem

HOME Forums Tech Security Talk Hikvision Camera problem

  • Creator
    Topic
  • #12912
    Participant
    Ian
    @davo1

    Just discovered I could not access my camera IPcamera.

    The SADP tool showed it had reverted to default settings. I got up and running again from backup last night but same again this morning.  I port forward two camera on 80 and 8000 and 81 and 8001 so I can view the camera from the IVMS4200 app. It is the camera on port 81 that is the problem. Googling the issue, I now see Hikvision look to have a backdoor problem and I suspect the IPcam is getting knocked out by a “bad actor” so to speak. GRC Shields up shows port 80 is stealthed but 81 is open? Not sure why that would be I am on a sky Q router, I don’t think there is a way to stealth the port.

    I have not updated my firmware since buying the camera. I see on the Hikvison website they are recommending this. I have the 2CD2132F-I camera

    I think the link has the upgrade for this (top one on the list).

    http://www.hikvision.com/en/Press-Release-details_435_i1478.html

    Will this likely sort the issue off accessing the camera? A number of people suggest you should not be port forwarding at all and VPN into the camera.

    Looking for a bit of advice really. If I need to VPN will need to work out to do this, ideally, hoping firmware upgrade will solve along with change of password ( I had already changed from default).

    Thoughts appreciated

    Thanks

    Ian

     

     

    Same name same person

Viewing 8 replies - 1 through 8 (of 8 total)
  • Author
    Replies
  • #12914
    Participant
    Ed P
    @edps
    Forumite Points: 15,216

    I had problems with port 81 and Firefox (not Hikvision). In that instance it was Firefox’s new security settings not recognising the port as a secure one despite it being on the home network. When I mentioned it here Dave said that this was not a problem on Hikvision so the problem area may just be coincidental.

    #12920
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 8,306

    I’ve just been to a Hikvision roadshow this morning. Fake noos, they do not have a backdoor problem.

    “At Hikvision, we always stand up and take responsibility and we always will. While some do a lot of talking, we’re taking action every day to make Hikvision products as secure as possible. Constant improvement is built into our product development processes. In addition to our Network and Information Security Lab, The Hikvision Security Response Centre (ISO/IEC 27001 certification), and Hikvision Security Centre. We are working with CISCO and other top-notch companies to benchmark product security requirements, security design and security testing.

    We regularly invite international organisations, such as Ernst & Young, to further evaluate and advise on our security system. We have also worked closely with renowned security companies such as Symantec, Synopsys and IBM. We are willing to cooperate on enhancing product safety with companies from all over the world.”

    However vulnerabilities are found in products all the time, see the recent posts on WPA being compromised, and that’s why you need to keep your firmware up to date. Keeping the default password is also a huge vulnerability, indeed you cannot do this anymore with Hikvision kit. Anything new has to be activated and as part of that tou are compelled to choose a strong password. There is no such thing as a default password any more.

    The camera is in the R0 family, the latest firmware is V5.4.5 170123 and you can download it from here

    Also get the latest version of iVMS4200, if yours is old it may not work properly with the newer camera firmware. Get it from here

    There should be no problem with Port Forwarding and security, just make sure you have a strong password on the camera. The port needs to be open or you can’t connect to it!  A VPN needs to be terminated somewhere so you’d need a router (or PC) capable of doing that.

    But reading your post I’m not even sure your cameras are even on a different site to the PC with iVMS4200? If you’re on the same LAN, Port Forwarding is not required.

    #12928
    Participant
    Ian
    @davo1
    Forumite Points: 63

    Thanks for the reply Dave

    Apologies, confusing matters. It is the IVMS 4500 android app that I use to view the Ip cameras remotely.

    Password was one of the first things I changed, it is reasonably strong but will review again when updating the firmware.

    The cameras have been very reliable last couple of years or so, just strange behaviour with one of them.

    Is it worth picking a  less well known ports for forwarding? Will update the firmware and take it from there.

    Cheers

    Same name same person

    #12937
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 8,306

    In the Network / Basic Settings / NAT uPnP may be enabled. This could well be changing the port so turn it off.

    Things have changed dramatically when it comes to remote access with the introduction of Hik-Connect, it does away with Port Forwarding entirely. After you’ve upgraded the firmware see if you can use it. Network / Advanced Settings / Platform Access. Google “setup hik connect”if you can indeed use it.

    #12942
    Participant
    Ian
    @davo1
    Forumite Points: 63

    Thanks DaveRight this has turned into a bit of a nightmare

    Said Firmware update failed but camera was still showing as working but some error mesages on screen so I shut browser

    Now I can login getting the following message

    Access Error: 404 — Not Found Can’t locate document: /doc/page/login.asp

    Can still see camera in IVMS4500 so it is still working

    Arrgh!

    Need some help if possible

    Ian

     

     

    Same name same person

    #12943
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 8,306

    Time to do a reset.

    I’m not sure how far you can login, if you can get to the Configuration tab go to Maintenance and try Restore all parameters to default settings.

    If you can’t login you’ll need to use the reset button on the camera https://www.youtube.com/watch?v=She6vbZYtbY&vl=en

    It depends on how far the firmware update got. You may now have to activate the camera or it could still be on the old default password system. SADP will let you do either, you’ll need V3 if you need activation. Get it here

    If the firmware update was a step too far you can get the intermediary ones from here

    #12962
    Participant
    Ian
    @davo1
    Forumite Points: 63

    Thanks Dave.

     

    Both cameras were knocked out again yesterday so that’s one way of resetting. Managed to upgrade the firmware now, although that it a bit picky and took a couple attempts.

    Couldn’t use my backup settings due to upgrade so had to set up the cameras from scratch…… Not sure totally correct will have to look at manual again or network camera critic for setup.

    Never mind. Let’s see if they stay up now over next day or so. If so I am assuming they were getting reset by external source. Fingers crossed.

    The hardware is great but software is a bit confusing to set up and can be flaky at times. I got IVMS4200 running last night after bit of effort, then it forgot a camera and I can’t get  it connected back again now……

    Will investigate further but may need input with error messages. Thanks again for replies.

     

     

    Same name same person

    #12966
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 8,306

    See if you can use Hik-Connect (network / platform access). It is the easiest way to connect to cameras.

    I can see nearly 100 customer cameras on my phone (not at the same time!) and also access the recordings. No port forwarding required. On one site the cameras are behind 2 routers, which is also the case if you use a Hikvision NVR with PoE ports.

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.

Support Forumite

Choose between a one off contribution or a subscription. 

It only Takes a Minute or two.
Lets Go!
close-link