eganson

I'm curious why it's for sale... were you unimpressed? How old is it / how long has it run? Are there any pictures from it that you can post...?

Looked good to me! She was a few feet out of the line of fire, but both women should have taken better cover. Momma there needed to drop to the floor. At least there was an appropriate response. Otherwise, there may have been 4 dead victims there. Nice followup too since they sometimes get back up. Front sight & double-tap beats begging for your life... and losing it.

I haven't seen this discussed very much... how long can different brands & models of cctv cameras be expected to last before they 'die'? (without power supply & temperature extremes) What I'm looking for are experiences regarding reliability of specific cameras... I find the cheapos dying at random, from months to maybe 2 years out; hardly worth the effort.

Some DVR can send image-email alerts on motion detection, but that's pretty limited anyhow. If he can connect & view live from home, he could record that stream at home... could leave a cheap pc connected to the DVR via internet, and capture the packet-stream with free software like ethereal, or video-out from the pc to another DVR or vcr...

I'm curious if anybody uses an automated FTP upload to store video offsite in the event of a DVR being compromised? My thought was to have some of the benefits of IP based video capture with the reliability & convenience of a PC based (or standalone) DVR onsite. This limits the offsite storage, so I'd only upload the most recent & delete the older ones... I'd like to send the most recent file even as it's being written... FTP scripts & batch files? The question is, how best to do it? I know some DVR's will send an image via email, but sometimes that isn't enough. Some won't send any image in the email alerts. Maybe there's a better way to do this?

Thanks micpecc, I thought there'd be a good reason for that. Once you find the 'english' button on their site, you can see that hinet has quite the presense there. There's also NO correlation between the streamer pinging hinet (hitting the 'system info') and the incoming hack attempts to the server. Nobody has breached it yet either; Acti's little SED2100R only gives them error codes while streaming reliable, uninterrupted video to the connected PC's. (Video-recording PC is connected through the WAN port, via internet, and the streamer connects to cgi.tzo.com for DDNS) In nearly a year of real-world field testing and abuse, the only way we've made this thing stumble was with power interruption and physical network connection interruption. It recovers on it's own and continues streaming very quickly. This IS one solid, reliable streamer!

I had emailed Acti support on the issue of the streamer contacting hinet.net, but never got any response. It was nothing urgent, but more of a curiousity as to why it does that. Then the hits start coming in to it, none successful and over half were from china. Most likely unrelated to the streamer initiating contact with hinet.net, but there's the question... So now it's back up and streaming with port 80 exposed to the internet so we can see what happens... Capturing packets it sends out, we'll see if there's a profound change once I select the 'system info' & it contacts hinet. My guess is that it's an issue with the older firmware it's running... Agreeing that encrypted video would be very nice, I think we should start by limiting who our servers talk to. Some sort of IP address filtering seems in order? (no hackers have obtained the video stream, login or password, but many were attracted to the device... their lack of success also speaks well of the Acti SED2100r)

Has anybody else here tried monitoring the network traffic to or from their streamers? It's not hard to do using Ethereal, set to capture traffic which the device sends to IP addresses other than you intended. I found that it doesn't affect the video stream at all when 'talks to strangers'... you'll never know if you don't check. I'm curious if ours is an isolated incident, or if this is something to beware of in other IP video products as well?? Unless you prohibit it from accessing the WAN, firewalls won't help. It talks out, and external sites respond. Consider whether you really want hackers, or whoever, seeing all of the video streams? Or using your video server for other purposes? (it is a web server ) I'll see if it goes away after a firmwareupdate...

The streamer we have has run flawlessly for 10 months now, mounted up in a tree. It got pretty hot during the summer and froze a few weeks through the winter. (no heating or cooling in the enclosure) Still alive and streaming flawless video, so it appears to be pretty tough. I was surprised the heat didn't kill it... the thing works great, and keeps on running... definitely something to offer your customers. We never did determine why it contacts hinet.net whenever a user selects the 'system info' and I never heard back from Acti's support either. Since this one is still up in the tree streaming, I haven't been able to tap the 'listen' side of the streamer to see what packets hinet.net sends back to it, if any. I tried, but the cat-5 that long didn't work; it shuts down the streamer trying to passively tap there. All I see are the packets it sends to sites which are not the video-stream recipient. I need an active tap maybe? Over a period of 2 days, it contacted 26 individual IP addresses, mostly returning errors in response to what look like attempted exploits. It appeared nobody got access to the video stream, and the majority (11) of these came from china. (None were from Taiwan) This may have nothing to do with the ACTi SED2100R contacting hinet.net, but it makes me curious how some of these guys find the streamer, and why they kept trying things on it.. I'd like to know if others here find similar situations with IP streamers or cameras, since you can hide a lot of data within the video traffic, if nobody watches those packets. Non-issue in a LAN environment though..

Looks ugly now that I've seen more packets.. Capturing packets from the streamers talk side, I discovered more attempted connections from this thing now, to sites in Switzerland, Mexico, Hong Kong, New Jersey (USA), Taipei Taiwan... all without affecting the video stream. I have the packet-dumps of streamers output (video stream filtered-out) if anyone else cares to take a look too. Happy to email or post 'em on a web page.. It looks to me like someone's trying to run reverse shell scripts connecting out.... with the streamer giving back http error codes ?? Or is the streamer attempting these against other networks? /awstats/awstats.pl?configdir=| echo;echo%............... /cgi-bin/awstats.pl?............(many atempts & ports) CACTI RCE exploits... /cacti/graph_image.php............... XML RPC RCE exploits... /xmlrpc.php............... /blog/xmlrpc.php...... /blog/xmlsrv/xmlrpc.php....... (many attempts & ports) What I've caught are saying '404 not found on server' when the ACTi SED 2100R speaks... if the rain ever stops I'll go tap the streamers listen side and see what's coming in...

I've just begun playing with linux (debian/KDE) and managed to bumble through compiling the kernal & installing some software, and it impresses me what you can do with some cheap hardware and open source software. I've also been wondering what could be done so far as building something to record video... maybe in mjpeg?

The firmware is A1D-V1.01.05-AC, so an update might not hurt. It is running the TZO ddns, but that querys our DNS and then tzo.com... Maybe something left in the firmware from their testing? The only time it does it is on request of 'system info', and won't report it without talking to hinet. I haven't heard back from ACTi yet...

From what I see in the packets, it just pings hinet.net... the site's all in chinese, two different IP's...(61.219.38.89 & 203.66.88.89) then it proceeds to output the firmware data in html. But why ping somewhere outside as a prerequisite to posting it's own info? (there's no autoupdate feature of any kind) I'll have to ask them about it... Not a spyware at all, just made me wonder about the future possibilities of firmware-based spys, trojans, and hidden 'default' logins... how many of us watch the packet stream that close? Something to keep an eye on with IP based video, since a lot of info can shoot out in a few packets without any effect on the video stream...

Using TZO with the ACTi streamer, it's the firmware (using thttp from acme.com?) that contacts TZO with your current ip address, so there's nothing to load on your pc and nothing special required of the modem, so long as you let it talk outside your LAN... you never notice it, and the streamer has many DDNS service choices. Very nice feature to have and TZO is so cheap... just enter the password into the streamer, along with your other network settings, and you have a server you can access & record from anywhere. Power failures don't seem to knock it down for long, it just comes right back up streaming...

We have found an ACTi SED2100R in the field sometimes attempts to connect to www.hinet.net in Taiwan, but not sure exactly why it would _need_ to?? It appears to primarily do this when a user selects the 'system info' button from within the server... any ideas? I blocked the site at the router, and now the sys info won't show (no loss there), but I'm not sure what traffic passes through when it isn't blocked, or what exactly comes in. Only have a tap on the streamers 'talk' side now, just seeing attempts to connect there along with the flawless video streaming. I think it's checking system firmware against their latest revision, but not sure... (don't know where in hinet.net) With recent talk of unsecured axis cameras, maybe another _possible_ risk could be hardware streamers/cameras talking-out from within networks... This doesn't appear to be the case with this device, but maybe something to watch out for. Hardware spyware? Just a thought... how many would notice, if their video works well..?