Hikvision Illegal Logins

S

skyhawker

Joined
3 Jan 2015
Messages
247
Reaction score
0
Location
London
Country
United Kingdom
I am getting quite a few alerts of illegal logins to my system. It is residential setup. Is this something to be concerned about? DVR is Hikvision DS-7208HUHI-K1

EG:

This is an automatically generated e-mail from your DVR.

EVENT TYPE: Illegal Login
EVENT TIME: 2019-08-18,22:52:05
DVR NAME: Embedded Net DVR
DVR S/N: xxxxxxxxxxxxxxxxxxxxxxxxx
 
Sponsored Links
Assume its open on a port to the www?
Change the port if possible or filter by IP address so only you can access it?
 
Does it have a password? Is it "PASSWORD?"
 
I will try and change the port. Any guidance what to do?

The password is a good one. Does illegal login mean they have cracked that?
 
Sponsored Links
Illegal login means that someone has attempted to guess the password and failed. I come across it quite a bit on Hikvision systems with internet access (most of them!)

Are you using Hik-Connect or a static IP/DDNS to connect remotely?

Aslong as you have a very secure password this should be good enough to keep anybody out (you only get 5 attempts by default and then the machince prevents any further attempts for a set amount of time) My own system uses non-default ports for remote access and I still get between 10-20 illegal login events a month.
 
Google searches can show a long list of IP cameras and people do go through them looking for something juicy to see.
could be that
 
Unfortunately the second you put something on the internet people will try and login to it...

There is a website called Shodan which scans the internet (any IP, any port) and stores information about what is out there, you can probably search on there for Hikvision and get to people's login pages... After that it's just trial and error to see if you can get in. Hackers chance this stuff all the time as eventually they'll find one with a weak / default password.

If you set a decently complex password and keep your firmware up to date the only logins you need to worry about are the ones you don't recognise that get the password correct. I am guessing your using UPnP or port forwarding on your router, it sucks as many home routers do not support blocking IP ranges for port forwarding, if they did you could ban all IPs except for those for your mobile carrier / just UK IPs for example, which would cut out many of the invalid login attempts as they probably originate from somewhere sketchy.
 
D

DIYnot Local

Staff member

If you need to find a tradesperson to get your job done, please try our local search below, or if you are doing it yourself you can find suppliers local to you.

Select the supplier or trade you require, enter your location to begin your search.


Are you a trade or supplier? You can create your listing free at DIYnot Local

 
You must log in or register to reply here.

Similar threads

S
Replace Ring Doorbell with Hikvision
Replies
0
Views
301
SandyLyon
S
Back
Top