Subscriber Discussion

Assuming Control Of 50+ Dahua DVR Systems - What To Do?

UE
Undisclosed End User #1
Apr 21, 2020

Our Corporate Security Department was recently tasked with assuming control of the camera systems of a newly acquired subsidiary company. Nearly 50 small business properties, all with a Dahua DVR and 4-8 cameras; I have no idea on model, firmware, etc, and very little information on what we're dealing with. We're at the very beginning stages of conceptualizing how to go about this.

I have zero experience with Dahua, but know they are vulnerable and have a history of being hacked and exploited.

* *** * ****** ***** ******* from *** ********** ******* **** **** has ***** **** ** ***** **********; the ****** ***** ******** ** **** had * *** ** ***. **** did, *** **** ********* *****/***** ** the ********, **** * ******* **** at *** ****** ********** ****** *** available ** ******* *** ******** ** front ** *** ****. *** **** this ******* ***** **** ********* **** was ******* ** ****** ** ****** gives ** ***** ** *** ******** considerations ** *** **********.

** *** * ****** ***** **** with *** ******** *********, ************* ** Axis, ****** ******** ***** *********, ***, and ******* ** *** ** ********** to ****** ******* ********, ***.

**** **** ****, **** ****** *'* not ** *****, * **** **'** inheriting ********** ******** ********* ** ***** slammers ******-****. ******* *** ***** ******** and *** *** ***** ** ***** subsidiaries ****** ****** ******* ** *** security ** ***** ***** ***'*, *'* assuming ***** *** **********.

*** ********* ******* *** ** **** of **** ** *** ************, *** it's ******.

*'* ******* *** *********** ** *** to ****** ***** *****, ** **** as **** ********* ****** * ** asking *** ******* **** ** **** in *** ********** ** *** ********.

** * **** ** ***** ***** the *******, ***? **** *************** ** they ****?

*** *** ***'* ******* **** *****, waiting ** ******* *************** *** ****** they ***** *** *******? ** *** I **** **** ** ** *** line ** *****, **** ***** ** the ***** *** **** **** **** onto *** *******? **** **** ****, I ***'* **** **** **** ***** to ****.

* ***** **** ***** ** *** of ***** ********** ********* *** ******* had *** ******* ********* **** *** phone, * ****** *** ***. **** this ***** **** ********** ** *******?

** ** **** ******* ******* **** into *** *** ***, ** **** them ********* *** **** *** ** as ****** ** **** *****?

*****, **** *** **** ****** ** our **** *** ***** *** *** we're ***** ****** ** *** *** minds ******* ****** **** **'** **** tasked ****. *** ****/******/******* ***** ** appreciated.

JH
John Honovich
Apr 21, 2020
IPVM

**** ***, *** **** ********* *****/***** as *** ********, **** * ******* note ** *** ****** ********** ****** was ********* ** ******* *** ******** in ***** ** *** ****.

** **** ****** *** *****/***** ** allow *** '*******' * ****** ********, at ***** *** ** ******* ***** firmware. *******, **** *** **** **** risk *** ** ***** *** *** general ***** ** ********* *** ********.

****, **** *** ******** **** *** units *** ****** *** **** *** public ********, ** **** **********, ***.?

UE
Undisclosed End User #1
Apr 21, 2020
In reply to John Honovich

********** ** *** **** ** ******** firmware.

**. *** ** **** ********? *** the *** ***? ***** ** ** person *** *** ********** ** **** to **** *******?

U
Undisclosed #3
Apr 21, 2020
In reply to Undisclosed End User #1

"****, **** *** ******** **** *** units *** ****** *** **** *** public ********, ** **** **********, ***.?"

*** *** ***** **** ***** ** any ****** ** ** *** ******** here:**** **** ***** **** - **** Port ********** ** **** ******

***** *** ***** ****** *** *** ports ** **** *** ***** **** one ** *** ***** **** ******* the ****** **

(1)
Avatar
John Scanlan
Apr 21, 2020
IPVM • IPVMU Certified
In reply to Undisclosed #3

* ***** **** #*. *** **** thing * ***** *** ** ** the ** ***** *** ***** ** site ** ***** ** ****** ** check *** ****** *** ********* ** verify *** **** ***** **** ****** than ******** ******* *** ******* ****. Below ** * ****** **** ******* this ******* *** *** / ** dept (*** **** ******** *********).

**** *** **** ***** *** ******* on **** *** **** ********** *****.

** ******** ** **** ********** **** have **** ***** ** *** ** UPnP ** ****** ** *** ***** gear *** *** ******.

** ******** ** *** ****** ******* linked **** #* ***** *** *** use * **** ******** ***, **** NMAP, **** **** **** **** *****. We **** ******* ** ***** **** ****.

(2)
(1)
U
Undisclosed #3
Apr 21, 2020
In reply to John Scanlan

"** *** ** ***** *** ***** on **** ** ***** ** ****** to ***** *** ******** *** ********* to ****** *** **** ***** ****"

******* ********.

"**** *** **** ***** *** ******* on **** *** **** ********** *****."

** * **** **-****, * ***** go **** ***** - **** ****** I ******* *** ***** ********* (*** not *********** - **** **** ******* [one ***** ****] ******* ****).

U
Undisclosed #5
Apr 21, 2020
In reply to Undisclosed End User #1

********** *** ** ****** *** *****.

**** **** ** ***** *** ****** to *** ** *** ******** ***** are ********* ** *** ** ******* that ** ******** ** *** ***** recorder.

(1)
UE
Undisclosed End User #2
Apr 21, 2020

*** *** ******* ****!

(1)
(2)
Avatar
Dwayne Cooney
Apr 21, 2020

**** **** **** *** *** *** if **/*** *** ******* *** **** discounts **** **** ********** ** *** and ******* ***** *******.

(3)
U
Undisclosed #4
Apr 21, 2020

***** ***** ** *******, *** ***** IP ******* ** **** *** ****** connected ** *** (***/***/***, * ***** Dahua ** ***?)

U
Undisclosed #5
Apr 21, 2020
In reply to Undisclosed #4

* ****** ****. *** ********** **** to **** ** **** *** ** cameras ** ***.

** **** *** ******* ******** **** has *** ****** ******** * *** tell *** **** ***% ********* **** there *** ********** ******* ***************. ***** vulnerabilities *** **** ** *** ****** domain ***** ***** **** **** ********* could ****** ** ***********.

* ***** ********* *** ********* ******* so *** *** **** * ****** assesment

*. *** ******** ** **** ** send *** *** ***** ******* *** firmware ******* ** *** ********* ******. I *** *** ******** *** ******* it ** ** ******* * ** sure ******* ** **** *** **** tell *** *** ** ****** ****.

*. **** *** **** *** ****** and ******** ******* ***** ******** ** see ** ***** ** *** ******** available **** *** ******* *** ***** vulnerabilities. ** ***** ** ** ****** available **** **** *** **** **** out. *** **** ** *** **** to ***** ***** ******** ** *****.

*. *** **** ***** ***** ****** for *** ******* ** * ************* company *** *** ****** **** ******** the ********.

*. **** * ****** ********* ** each **** ** ****** **** *** firmware ****** *** ** ********** ************* with **********. **** ********** “***** *******” have ** **** ***** ********** ** you *** ********** ****** *** **** a ******** ** **** ****** ** networking ** ***** **** ******** *** going ** **.

*. ******* *** ********* ******* ** the ******* ***** ************* **** ********.

*. **** ******** *** ****** **** be **** ** ******** *** ****** and ******** ** *** ******* ******* the *** ********* ** ** ** IP. ** ** ** *** ***** is *** **** **** ******

*. **** *** ******** ** *** cameras *******.

*. ******* *** ***** ***/*** ** your ***

*. ********

** ** ********* **** *** **** with ******* *** ** **** ********* to ***** ** ***** *** **** things **** *** ** ***** ** the ***** ******* ***** ***** ******* direct ********** **** ***** ** *****. Just ******* ***** ******** *** *** them ********* *** **** ******* ** help *** **** **** *******.

** ** * ******** **** ******* with *** ******* ****** ******* *** it ****** *** ** *** *********

U
Undisclosed #5
Apr 21, 2020
In reply to Undisclosed #4

*.*. **** **** *** ****** ****** can **** ****** ****** ** *** site ** ***** ********* **** **********.

UM
Undisclosed Manufacturer #6
Apr 21, 2020

* *** ** ****** **** *** suggesting *** *** **** *** *** and ******* ****, *** * ***** say **** ******* ** *** ***** of **** *******.

*. ** *** **** ** ****** these ******* *** ********? ** *** then ******* *** ********, ****** *** passwords, ****** **** ******* **** ******* access *** *** ****** ****** *** need ** *** ******** **** **** the ********. (**** ** *** ****** for **** * ***** *** ********** of *** ************.)

*. ** *** ** **** ****** can *** ** ** *** ***? What ** *** ******* ************ ***** to ** **** ** *** ******* you **** *** ******* **** ********** into ****? ** ** ******** ** have ********* *** ******* ** *** these ********** **** *** ******* *** not ***** *** ***** ********** ****** access?

***** *** ***'* *** ****** ***** as *** ** *********** ** ** you *** **** ** ****, **** leave **** ** ***** *** ***. Expect ** ******* **** ** **** point ** ***** **** ****** **** your ******* ********* *** ** *** can ** ********* **** *** ** the *********** ***** **** **** ***** the ********* ****. **** *** ********** chaos **** ***** **** *** ********* colliding ********, *** *** ******* **** on * ******** **** ***** ***** to ***.

(1)
(1)
UM
Undisclosed Manufacturer #7
Apr 23, 2020

***.

(1)
(1)
(2)
New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions