You need to do the packet capture for 24/7 24hrs 7days, sometimes the devices only phone "home" at odd hours of the morning eg 2-3am when most are not probably monitoring
Had one running for a day so far, and nothing new. I don't honestly expect this device to do anything like that really, but hey, I'll leave it run for a while.
Heya, I found it's not the cameras that connect out it's the nvr that connects back to China. When using the nvr it doesn't redirect the plugin to the nvr it goes External.
Where did you source the camera from? Local distributor or from direct from vendor? I would be concerned about about firmware if coming directly from vendor. I would flash firmware from their website before testing for more real world likeness.
HikVision sent him the camera to examine for nefarious stuff or specifically to see nothing nefarious was going on with their products. I know, right :/
I have a similiar color-nightvision camera and concrete and grass looks amazing at night, but try to identify the face of a normal walking person. that is the interesting part and that is at most avarage, at least on my camera compared to an old style camera with infrared light.
Not being a network guy (accountant here), I did wonder if there was any actual basis to these claims of network spying. As I understood it, the Huawei code that had been subject to an audit in Europe turned up no bad stuff except some pretty rough and ordinary coding. Embarrassing enough I'd have thought. I would guess it would be the same for many other chinese manufacturers. So I was fascinated to see you do a simple version of exactly the kind of analysis that I'd have thought would be definitive and clearly resolve the issue. I guess that you'll be keeping an eye on whatever else this camera comes up with over time - there are those who believe that these things only "phone home" after a settling in period - and let us know if anything anomalous shows up.
I saw that, but it sounded a like a bit of a stretch. Nonetheless, I've started a capture over time which has only been running for a day, but no other traffic than what I saw. I don't really expect to see anything special pop up.
Years ago, discovered that Hikvision could bypass any admin lost password by simply having your serial number. They’d supply a password for admin that could be used once to get in.😮
very interesting, ive just bought a modern Hik NVR to go on my CCTV network, I am amazed at the level of in-NVR functionality, and the new PTZ cameras also have this functionality "ai" face recog, car plates, anti animal, warning bells and whistles, etc etc, however yes points taken regarding remote access by the Shadowy or Chinese guys... Shame you guys cannot get it in australia? does that mean domestic sales and imports banned ?
I just think people latch onto some idea that someone puts into their heads, without digging into the nuts and bolts of how something actually works, to know exactly what it is or isn't doing.
@@TallPaulTech yep, bullshit baffles brains! I've just had problems where I live in asia setting up a 3D printing system (voron) as someone has told the .gov that everyone with printer will print guns.
So their software is shit, just like the Huawei software audited in the EU. If they are controlled by the CCP they're not doing their job very diligently.
I have a Hikvision domecamera and it always try to connect some server. It is about 6k queries a day. I did post a comment with that URL but it seems that is was removed.
If you don't disable the internal services like Platform Access or whatever else they call it, it will try to connect. These services are usually to enable people to remotely view their cams from anywhere with little to no network knowledge.
I have (kind of) the previous version of that camera, a Hikvision ColorVu with a 2.8mm lens. A Norwegian security company found I think it was 18 vulnerabilities in the firmware which is why starting in 2018 Hikvision cameras, along with Dahua and Huawei were banned from all USA federal agencies, so use Chinese cameras at your own risk.
You're clearly using Hik's export market cameras. Pull in a few of the Chinese Hik's from TaoBao and maybe you'll get different results. I use the Chinese versions because they're a lot cheaper (save the shipping costs!).
I agree. Had the sample been purchased independent of Hikvisions control, it could show something different. Many of the Hikvision cameras I purchased direct from China, I was able to hack new US/UK firmware on them with the help of the ipcamtalk forum. Also, I run all my cameras on a separate vlan, with no access to the internet.
That said, If Hikvision send me an 8MP panoramic camera to experiment with, I'd probably do a wireshark video as well. btw, years ago, I did the same port mirroring and ran wireshark to check traffic to/from my cameras/NVR. I did see occasional traffic to amazon web services which didn't make sense and it had me slightly concerned. Hence, why I locked ALL the cameras/NVR down in their own vlan without internet access.
@@MicheIIePucca I didn't hack my cams to English because it's easy to use Firefox translate on their web interface. My NVR is also Chinese so it's just easier, and for the sake of future FW updates, to just keep it all stock. VLANs are fantastic with OpenWRT. We've never had it so good ...gotta love it!
Sweet score on the camera! Quite happy to send you a few legit dodgy ip cams that have hardcored admin rights built into the firmware! It's mostly HiSilicon devices though aka Huawei.
What did you send out to VLC media player? And I have disconnected the Internet from my NVR and two of my neighbors can still watch all of my cameras and I can't figure out how. I've disabled p2p and upnp and DHCP what else can I do to secure my cameras from my neighbors. The two neighbors on this block are criminals and have been hacking people's cameras and home smart devices.
Typically reticence in government stems from a supply chain involvement where they are concerned about one or more component suppliers of components to a device; this was the case with a particular brand of server (a scandal erupted a couple of years ago about "spy chips" being installed on the motherboards used in this brand's server). I am just recalling what I read, they may push the national recommendation out from that. Government networks aren't at all consistent sadly, quality and security standards vary wildly and are often driven by internal political considerations first and foremost. As for the camera - that's amazing, love the scope - though that may be too much here in the UK, if your security camera can see people outside your property everyone gets upset and the courts get involved. How much are those things?
Yep. Check out my video a little while back where I set up my server from scratch. If you install VLC via flatpack it includes RTSP ability. Come on Detective Inspekta!
as i said before, out of the box there’s no way it would phone home. Instead you would include a method to ‘illuminate’ it remotely via a crafted dns response for example.
Yeah but if it is on an isolated offline camera VLAN it can't get any dns results or for that matter any in/out traffic to the internet. The only thing security cameras and their ethernet ports should be connected to is a VMS server you should consider any ethernet security camera connection a vunrablity as well as it can bring ethernet well outside your secure building envelope (the wires are on the outside a lot) and physical security is much much more important as it doesn't matter how secure your external firewall is if your don't set things up correctly internally.
@@riakata so that’s why a guy in a high vis top was on a ladder with a laptop, using the ethernet from the “security” camera which was “securely” installed 🤣🤦♂️👍
Hi Paul, greeting from Poland, following your channel since a couple of months, great content ! I am looking for a good port mirror device like yours, could you please provide the manufacturer of that particular device ?
I don’t think Paul uses something elaborate. You can use any type of managed switch that supports port mirroring. Take a look at TP-Link TL-SG10 or a NETGEAR GS105Ev2, both affordable switches
Any half decent managed switch can do that. Or, you could make your own with a Raspberry Pi and a couple of NICs. In fact, I might make a video about that. Pozdrawiam.
As a precaution, I run all my client's Hikvision cameras without DNS, and the DVR itself is always geo-fenced to within Australia only. I trust these cameras about as far as I could spit them out.
@@TallPaulTech Yeah that was the plan originally but unfortunately two of the managers want access via the App on their phones, so I have to let the DVR play outside a little. Also restricting the incoming access to certain IPs is of course impossible as no one has static IPs on their phones (Except for myself). And no, the two managers are techno-idiots and asking them to click a VPN button is simply asking too much. Tried and failed...
@@TallPaulTech Hey, which integration or ? do you use to view your hikvisions via Home Assistant? The info on doing this seemed old and outdated. I've just used the onvif integration so far.
CATS kill on average 7 native animals every night, multiplied by millions of cats. All because people dont keep them locked up at night, and during the day also, and dont put bells on them to try give native animals some hope..
Well obviously they are going to send you one with "clean" firmware! If you want to catch a company doing no good then watch for suspiciously cheap ebay deals, then evaluate what you get. When you find something dodgy as I did, like NTP settings that keep returning to an NTP server controlled by the PLA in mainland China, even after you manually set them, contact the seller or manufacturer and do not be surprised if they play dumb but offer to upgrade your camera OTA. Obviously there are multiple issues there, such as hardware being only one OTA update from running anything the PLA wants, so you must lock them down as you have shown. I personally still would not trust them and would rather spend a lot more money on the parts to build my own cameras from scratch. There is a good business opportunity there for an Aussie who wants to sell locally assembled and certified gear.
He showed how to do this the right way. All firmware is available on their ftp site if you think he got a ‘clean’ one. I would be more concerned about what’s going on in your backyard… headline: “Australia’s New Anti-Encryption Law Is Unprecedented and Undermines Global Privacy’. The Aussie camera will have to follow government rules, right?
@@LauwersFreddy Mate you don't know what I am talking about and your issue with Australian law isn't even remotely relevant. Their FTP site is irrelevant too. Look if you can't even tell me how that NTP anomaly could compromise your LAW then don't even bother trying to lecture me about anything related to the subject. Go and study known exploits associated with NTP if you want to try and pretend to know what you are saying.
I tried to make the point in the video that it doesn't matter what firmware was on it, because you should always assume this or any network host might try to contact something. The key is to design your network right and lock it down so it can't. At least this didn't require internet access to work.
@@LauwersFreddy Yeah you are and here is why. You know what is more powerful than Australian law, a gun held to your head, and that threat has existed for as long as guns, so hadn't it ever occurred to you that people have, decades ago, already worked out how to protect their data from coercive tactics? No I will not give you the details, work it out yourself or stay out of that game.
You need to do the packet capture for 24/7 24hrs 7days, sometimes the devices only phone "home" at odd hours of the morning eg 2-3am when most are not probably monitoring
Had one running for a day so far, and nothing new. I don't honestly expect this device to do anything like that really, but hey, I'll leave it run for a while.
Heya,
I found it's not the cameras that connect out it's the nvr that connects back to China.
When using the nvr it doesn't redirect the plugin to the nvr it goes External.
Where did you source the camera from? Local distributor or from direct from vendor? I would be concerned about about firmware if coming directly from vendor. I would flash firmware from their website before testing for more real world likeness.
HikVision sent him the camera to examine for nefarious stuff or specifically to see nothing nefarious was going on with their products. I know, right :/
yet another great video, thanks😀 Any plans on enlighten us about Home Assistant and its call home feature at setup and mayby your use of HA?
I have a similiar color-nightvision camera and concrete and grass looks amazing at night, but try to identify the face of a normal walking person. that is the interesting part and that is at most avarage, at least on my camera compared to an old style camera with infrared light.
Mate - new desk and new camera. Great vid. The camera looks awesome on your screen.
Not being a network guy (accountant here), I did wonder if there was any actual basis to these claims of network spying. As I understood it, the Huawei code that had been subject to an audit in Europe turned up no bad stuff except some pretty rough and ordinary coding. Embarrassing enough I'd have thought. I would guess it would be the same for many other chinese manufacturers.
So I was fascinated to see you do a simple version of exactly the kind of analysis that I'd have thought would be definitive and clearly resolve the issue. I guess that you'll be keeping an eye on whatever else this camera comes up with over time - there are those who believe that these things only "phone home" after a settling in period - and let us know if anything anomalous shows up.
I saw that, but it sounded a like a bit of a stretch. Nonetheless, I've started a capture over time which has only been running for a day, but no other traffic than what I saw. I don't really expect to see anything special pop up.
let's hope the coding comments aren't as bad as their manuals (if someone got the source)
Years ago, discovered that Hikvision could bypass any admin lost password by simply having your serial number. They’d supply a password for admin that could be used once to get in.😮
very interesting, ive just bought a modern Hik NVR to go on my CCTV network, I am amazed at the level of in-NVR functionality, and the new PTZ cameras also have this functionality "ai" face recog, car plates, anti animal, warning bells and whistles, etc etc, however yes points taken regarding remote access by the Shadowy or Chinese guys... Shame you guys cannot get it in australia? does that mean domestic sales and imports banned ?
I just think people latch onto some idea that someone puts into their heads, without digging into the nuts and bolts of how something actually works, to know exactly what it is or isn't doing.
@@TallPaulTech yep, bullshit baffles brains! I've just had problems where I live in asia setting up a 3D printing system (voron) as someone has told the .gov that everyone with printer will print guns.
Love that night vision colour... Great video .
Didn't anyone noticed that the certs I showed from the openssl command weren't valid anymore?
Nup! I just enjoyed the logical breakdown of how our IP cameras work!
So their software is shit, just like the Huawei software audited in the EU. If they are controlled by the CCP they're not doing their job very diligently.
and transferred over unencrypted and unauthenticated HTTP
I have a Hikvision domecamera and it always try to connect some server. It is about 6k queries a day. I did post a comment with that URL but it seems that is was removed.
Can you do a packet capture and email it to me? I'm curious about it.
If you don't disable the internal services like Platform Access or whatever else they call it, it will try to connect. These services are usually to enable people to remotely view their cams from anywhere with little to no network knowledge.
I have (kind of) the previous version of that camera, a Hikvision ColorVu with a 2.8mm lens. A Norwegian security company found I think it was 18 vulnerabilities in the firmware which is why starting in 2018 Hikvision cameras, along with Dahua and Huawei were banned from all USA federal agencies, so use Chinese cameras at your own risk.
You're clearly using Hik's export market cameras. Pull in a few of the Chinese Hik's from TaoBao and maybe you'll get different results. I use the Chinese versions because they're a lot cheaper (save the shipping costs!).
I agree. Had the sample been purchased independent of Hikvisions control, it could show something different. Many of the Hikvision cameras I purchased direct from China, I was able to hack new US/UK firmware on them with the help of the ipcamtalk forum. Also, I run all my cameras on a separate vlan, with no access to the internet.
That said, If Hikvision send me an 8MP panoramic camera to experiment with, I'd probably do a wireshark video as well. btw, years ago, I did the same port mirroring and ran wireshark to check traffic to/from my cameras/NVR. I did see occasional traffic to amazon web services which didn't make sense and it had me slightly concerned. Hence, why I locked ALL the cameras/NVR down in their own vlan without internet access.
@@MicheIIePucca I didn't hack my cams to English because it's easy to use Firefox translate on their web interface. My NVR is also Chinese so it's just easier, and for the sake of future FW updates, to just keep it all stock. VLANs are fantastic with OpenWRT. We've never had it so good ...gotta love it!
Would this work on a different nvr like reolink
Another great video, keep them coming!
1:20 What episode of Nugget Garage is that?
do you still stream tv to your network? can you make an update video on how you do it? thx
Yeah, there's nothing to update. It's still the same rock solid setup it was years ago.
Sweet score on the camera! Quite happy to send you a few legit dodgy ip cams that have hardcored admin rights built into the firmware! It's mostly HiSilicon devices though aka Huawei.
Fuck yeah, email me cwne88@tutanota.com
What did you send out to VLC media player? And I have disconnected the Internet from my NVR and two of my neighbors can still watch all of my cameras and I can't figure out how. I've disabled p2p and upnp and DHCP what else can I do to secure my cameras from my neighbors. The two neighbors on this block are criminals and have been hacking people's cameras and home smart devices.
Typically reticence in government stems from a supply chain involvement where they are concerned about one or more component suppliers of components to a device; this was the case with a particular brand of server (a scandal erupted a couple of years ago about "spy chips" being installed on the motherboards used in this brand's server). I am just recalling what I read, they may push the national recommendation out from that. Government networks aren't at all consistent sadly, quality and security standards vary wildly and are often driven by internal political considerations first and foremost.
As for the camera - that's amazing, love the scope - though that may be too much here in the UK, if your security camera can see people outside your property everyone gets upset and the courts get involved. How much are those things?
Debian11 no longer supports RTSP in VLC apparently. Any work arounds? Been trying to compile it from source but no luck always coming into errors.
Yep. Check out my video a little while back where I set up my server from scratch. If you install VLC via flatpack it includes RTSP ability. Come on Detective Inspekta!
do you know how i could setup my edgerouter to do dnat for time and dns?
btw, thank you for videos
as i said before, out of the box there’s no way it would phone home. Instead you would include a method to ‘illuminate’ it remotely via a crafted dns response for example.
Yeah but if it is on an isolated offline camera VLAN it can't get any dns results or for that matter any in/out traffic to the internet. The only thing security cameras and their ethernet ports should be connected to is a VMS server you should consider any ethernet security camera connection a vunrablity as well as it can bring ethernet well outside your secure building envelope (the wires are on the outside a lot) and physical security is much much more important as it doesn't matter how secure your external firewall is if your don't set things up correctly internally.
@@riakata so that’s why a guy in a high vis top was on a ladder with a laptop, using the ethernet from the “security” camera which was “securely” installed 🤣🤦♂️👍
What?
I usually zero out the DNS settings in the camera, do you think that would be effective if they were phoning home?
I don't trust settings. I only trust packet captures.
Hi Paul, greeting from Poland, following your channel since a couple of months, great content ! I am looking for a good port mirror device like yours, could you please provide the manufacturer of that particular device ?
I don’t think Paul uses something elaborate. You can use any type of managed switch that supports port mirroring. Take a look at TP-Link TL-SG10 or a NETGEAR GS105Ev2, both affordable switches
Any half decent managed switch can do that. Or, you could make your own with a Raspberry Pi and a couple of NICs. In fact, I might make a video about that. Pozdrawiam.
That would be an interesting video to watch, hope you will make that
the arp request to 128 is most likely looking for the firmware server
Here have a clean camera to show ppl it's good . Lol a short documentary in the UK last showed other wise 🤔
I'd absolutely love to get my hands on one that does dodgy stuff. I want to see what it's actually doing with packet captures, not just word of mouth.
@@TallPaulTech subscribed ready for when you find one ☺👍
As a precaution, I run all my client's Hikvision cameras without DNS, and the DVR itself is always geo-fenced to within Australia only.
I trust these cameras about as far as I could spit them out.
Just have them locked down, and if you want to see them remotely, just VPN into your home. That's what I do, usually via home assistant.
@@TallPaulTech Yeah that was the plan originally but unfortunately two of the managers want access via the App on their phones, so I have to let the DVR play outside a little. Also restricting the incoming access to certain IPs is of course impossible as no one has static IPs on their phones (Except for myself).
And no, the two managers are techno-idiots and asking them to click a VPN button is simply asking too much. Tried and failed...
@@TallPaulTech Hey, which integration or ? do you use to view your hikvisions via Home Assistant? The info on doing this seemed old and outdated. I've just used the onvif integration so far.
Try frigate for a cat sensor
hiksdk is their proprietary stuff
Yeah, I thought it might be
Thanks chap.
What does this video tell about in simple plain words..
Why do you hate cats so much?
Because cat owners don't keep them in their own yard, so they kill the native wildlife.
CATS kill on average 7 native animals every night, multiplied by millions of cats. All because people dont keep them locked up at night, and during the day also, and dont put bells on them to try give native animals some hope..
Well obviously they are going to send you one with "clean" firmware! If you want to catch a company doing no good then watch for suspiciously cheap ebay deals, then evaluate what you get. When you find something dodgy as I did, like NTP settings that keep returning to an NTP server controlled by the PLA in mainland China, even after you manually set them, contact the seller or manufacturer and do not be surprised if they play dumb but offer to upgrade your camera OTA. Obviously there are multiple issues there, such as hardware being only one OTA update from running anything the PLA wants, so you must lock them down as you have shown. I personally still would not trust them and would rather spend a lot more money on the parts to build my own cameras from scratch. There is a good business opportunity there for an Aussie who wants to sell locally assembled and certified gear.
He showed how to do this the right way. All firmware is available on their ftp site if you think he got a ‘clean’ one. I would be more concerned about what’s going on in your backyard… headline: “Australia’s New Anti-Encryption Law Is Unprecedented and Undermines Global Privacy’. The Aussie camera will have to follow government rules, right?
@@LauwersFreddy Mate you don't know what I am talking about and your issue with Australian law isn't even remotely relevant. Their FTP site is irrelevant too. Look if you can't even tell me how that NTP anomaly could compromise your LAW then don't even bother trying to lecture me about anything related to the subject. Go and study known exploits associated with NTP if you want to try and pretend to know what you are saying.
@@DanielSMatthews Nice to hear that all is just perfect with you Aussies and I’m just stupid. Have a nice life.
I tried to make the point in the video that it doesn't matter what firmware was on it, because you should always assume this or any network host might try to contact something. The key is to design your network right and lock it down so it can't. At least this didn't require internet access to work.
@@LauwersFreddy Yeah you are and here is why. You know what is more powerful than Australian law, a gun held to your head, and that threat has existed for as long as guns, so hadn't it ever occurred to you that people have, decades ago, already worked out how to protect their data from coercive tactics? No I will not give you the details, work it out yourself or stay out of that game.