Talk About the Latest in Home Automation/Home Electronics -
Home Automation Forum

Smarthome Forum
Insteon Home Automation
Login or Register
 
Home | Profile | Register | Active Topics | Search | FAQ | Smarthome | Security and Privacy | Do Not Sell My Info
 All Forums
 General Discussion
 Surveillance
 Amcrest back door
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Autonow
Average Member

USA
106 Posts

Posted - 07/29/2019 :  7:29:44 PM  Show Profile  Visit Autonow's Homepage  Reply with Quote
When analyzing my router logs I discovered all 3 of my amcrest cameras were sending data to a server on the internet I blocked the traffic while I get new cameras. Back doors like this are a violation of customer trust and personal security/privacy. I am still surprised how people are so eager and willing to allow this stuff to happen one reason I could never trust any manufacturer that requires a connection to their servers on the internet to work

Tfitzpatri8
Administrator

USA
10837 Posts

Posted - 07/29/2019 :  9:10:49 PM  Show Profile  Reply with Quote
Are you saying the cameras do or don’t work locally when they are blocked by your firewall?

Was this a back door or a requested feature? Were they sending actual images, or were they just registering with their own DNS forwarding service to make it easier for owners to view remotely without setting up a static IP or a paid DNS forwarding service?
Go to Top of Page

SeanM
Administrator

USA
95 Posts

Posted - 07/30/2019 :  11:20:23 AM  Show Profile  Reply with Quote
It depends on the user. Most people are lacking any real knowledge on their network setups and asking them to configure their own port rules is too much. The DNS services for automatic remote access/viewing has really helped bring IP cameras into the mainstream along with saving companies a ton of money on tech support...but I agree on the need for better transparency with the included services in the products. :)

You might be able to disable the DNS access and use your own routing but that feature is becoming scarce these days.

Take a look at the below article before buying another brand though. There were a bunch of IP cameras identified last year with vulnerabilities.

https://www.zdnet.com/article/security-vulnerabilities-in-these-popular-smart-cameras-let-hackers-turn-them-into-surveillance/


Go to Top of Page

Autonow
Average Member

USA
106 Posts

Posted - 07/30/2019 :  1:48:27 PM  Show Profile  Visit Autonow's Homepage  Reply with Quote
It definitely was not a requested feature! It is also not configured to get dns information. I manually configure all my cameras. It works fine locally and it also works on the net with the invasive ports blocked.
What I see are requests from some unknown server on the net using some obscure port like 15632. Different ports for different cameras. I suspect the camera is sending data out the configured port and responding to requests from these mystery ports. I have about 8 cameras and only the 3 amcrest cameras are targeted. Fortunately requests to the configured port require name and pass to get a response.

With these ports blocked I see no traffic in or out of my net except for mu own! An FYI reolink also has a back door that was documented elsewhere on the internet. Beware of what you buy!
Even Ring Screws with your camera. Updates in their server will render your camera non functional until you do a firmware upgrade. I refuse to pay for subscriptions of any kind!

I am security myself security and privacy paranoid!
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Smarthome Forum © 2000-2020 Smartlabs, Inc Go To Top Of Page
Powered By: Snitz Forums 2000 Version 3.4.07