Nov 24 2016
 

Security

Security is always a consideration with IP cameras, as a lot of them have crappy default credentials and can potentially open you up to being compromised. This particular camera has weak default credentials and does not compel you to change the password either. Telnet is running on this camera, but at least the telnet password isn’t something like admin. However, the password is xmhdipc, which is on Mirai’s list of passwords, so it’s obviously been used on other devices. The cloud service is easily disabled; however, it is enabled by default, which could potentially pose a security issue, though I haven’t seen it try to call home. UPnP is disabled out of the box, which means that it won’t be opening ports by itself.

Doing a netstat -a -p on the camera itself shows the following TCP ports as listening:

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:34561 0.0.0.0:* LISTEN 728/upgraded
tcp 0 0 0.0.0.0:8899 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:34599 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:34567 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:554 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:www 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:9527 0.0.0.0:* LISTEN 737/dvrHelper
tcp 0 0 0.0.0.0:telnet 0.0.0.0:* LISTEN 736/telnetd
udp 0 0 0.0.0.0:37123 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:34568 0.0.0.0:* 748/Sofia
udp 0 0 255.255.255.255:34569 0.0.0.0:* 731/searchIp
udp 0 0 0.0.0.0:37903 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:56143 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:3702 0.0.0.0:* 748/Sofia

It seems that ‘Sofia’ is the name of the software managing the camera, as it’s running the web interface as well as the RTSP stream.
You can also see the telnet daemon running on this camera on the default port of 23, though I cannot seem to find the configuration file for the telnet daemon, which is actually just a part of the busybox shell.
However, the startup script (rcS) does have a line that starts telnet, which could theoretically be modified, I guess? Alternatively, the /etc/passwd file could be changed to update the telnet password.
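
To turn the netstat listing above into a list of services to firewall off or disable, the following added example (not part of the original post) parses that output and reports every socket not on an allowlist, grouped by program. The allowlist of web (80) and RTSP (554) is an assumption about what the owner wants reachable.

```python
# netstat -a -p output copied from the post above (header row omitted).
NETSTAT = """\
tcp 0 0 0.0.0.0:34561 0.0.0.0:* LISTEN 728/upgraded
tcp 0 0 0.0.0.0:8899 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:34599 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:34567 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:554 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:www 0.0.0.0:* LISTEN 748/Sofia
tcp 0 0 0.0.0.0:9527 0.0.0.0:* LISTEN 737/dvrHelper
tcp 0 0 0.0.0.0:telnet 0.0.0.0:* LISTEN 736/telnetd
udp 0 0 0.0.0.0:37123 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:34568 0.0.0.0:* 748/Sofia
udp 0 0 255.255.255.255:34569 0.0.0.0:* 731/searchIp
udp 0 0 0.0.0.0:37903 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:56143 0.0.0.0:* 748/Sofia
udp 0 0 0.0.0.0:3702 0.0.0.0:* 748/Sofia
"""
# Service names this netstat prints in place of port numbers.
SERVICE_NAMES = {"www": 80, "telnet": 23}
# Assumption: only the web UI and the RTSP stream are meant to be reachable.
ALLOWED = {("tcp", 80), ("tcp", 554)}

def parse(text):
    """Return one dict per listening TCP socket or bound UDP socket."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or f[0] not in ("tcp", "udp"):
            continue  # header, blank line or unrelated output
        if f[0] == "tcp" and f[5] != "LISTEN":
            continue  # established connections are not listeners
        addr, _, port = f[3].rpartition(":")
        port = int(SERVICE_NAMES.get(port, port))  # unknown names raise ValueError
        prog = f[-1].partition("/")[2]  # "748/Sofia" -> "Sofia"
        rows.append({"proto": f[0], "addr": addr, "port": port, "prog": prog})
    return rows

def unexpected(rows, allowed=ALLOWED):
    """Sockets not on the allowlist: candidates to block or disable."""
    return [r for r in rows if (r["proto"], r["port"]) not in allowed]

def by_program(rows):
    out = {}  # program name -> list of "port/proto" strings
    for r in rows:
        out.setdefault(r["prog"], []).append(f'{r["port"]}/{r["proto"]}')
    return out

if __name__ == "__main__":
    for prog, ports in by_program(unexpected(parse(NETSTAT))).items():
        print(f"{prog:10} {', '.join(ports)}")
```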

Conclusion

For the price of this camera, it seems to be fairly good in terms of resolution and picture quality. The configuration is a bit painful as you need a Windows machine to configure it properly; however, the mobile app seems to have most of the configuration options that you would want. The built-in software seems to be designed for DVRs rather than a single camera, but it still functions the way it should.
Security-wise it’s not too bad as long as this is behind a firewall and the default usernames/passwords are changed.
