How many people actually turn on events "illegal login" and receive notifications?
I am constantly getting spammed by emails telling me someone is illegally logging in to Hik NVR. This is happening on multiple sites. When customers see this they become very worried about someone trying to login from the outside.
Is this happening to other entry level NvRs? Or is the Hik units a target?
If the NVR is exposed to the internet via port forwarding or DMZ, then it's extremely common to get "probed" (the electronic equivalent of what you're thinking).
With the recent Mirai problems, NVR's and cameras are prime targets. If you look at the network traffic, you'll notice you'll get connection attempts from all different IP addresses. Most if not all of it is completely automated - bots scanning IP ranges, doing port scans, probing well known ports and services looking for any known weakness.
If they are willing to lock down income connection attempts to a specific set of IP addresses, you can block all of these connection attempts. Alternatively, if they're willing to use VPN, that would be even more secure.
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.
