mountainluau

I have several RS series DVR's out there but I have one that absolutely refuses to allow more that one connection at a time. The RS should allow 4 concurrent connections per the firmware. I can kill one connection and the other works and vice-verse. Problem occurs regardless of using the client software or phone app. Any thoughts? Thanks, ML

Since I have root access now what if I wanted to install a light-weight ftp server onto the DVR? Looks like the only services available at present are "getftp" and "putftp" and of course tfpt. It looks like the box is using less than 1 of a possible 4 Gig of on-board. It would just be nice to have better access to the file system. Is it possible? (running HiLinux/Busybox).... Has anyone ever done it? Repercussions? Does anyone have any suggestions/recommendations or alternate methods for better and quicker access? Thanks, ML

I found 2 files passwd and passwd- Both appear to be unshadowed. John pulled default root pass from passwd John gave false positive of "helpme" from passwd- Both files were in /etc I know the password that I've set on the DVR has to be stored somewhere. What is passwd- and why did I get a false positive? I have searched 50+ directories but not all.... where is the "white rabbit"? I need a or some pointers. BTW running HiLinux/Busybox. Thanks ML

that's how the dvr knows the port forwarding has been successful. it tells the router, 'open these ports'. then it connects out to 'home base' to say, 'hey, i'm here can you see me?'. then 'home base' tries to connect back to it on those ports. if it works, then it reports to the dvr, 'yes, i can see you, the ports are set up correctly.' Copy that. Thats good to know. Thanks ML

port 23 the first letter for the user might be r the first letter of the password could be 1 Thanks to everyone that helped on my previous post. ML

Resolved... I can take off my tinfoil hat finally! Turned out to be a UPNP setting on the DVR... The manual doesn't even reference it, but I went back through the settings again and see that UPNP set to "ON" and thought why do I need that anyway. I turned it to off and it fixed the problem. I should have known better! It still doesn't explain why it was "Plug-N-Playin" back to China. I'm still gonna jack into it... just because..... I'll update ya... ML

There are a couple of passwords that floated around for the Nightowl, not of those worked for me. I tried mine with all numeric combos from 0-999999, nothing worked. I also ran john for about a month IIRC, no hits either, it was a POS and I sent it back. What did you use for username...root?

FTR the model might as well be known It is a Night Owl 88550c bought through TigerDirect. It was an 8 camera/500 Gig DVR for $287.00. I still don't regret buying it because I can at least monitor my home now. I see myself moving into an HD unit in the near future but I wanted to get something up and running now. I have Wirehshark, ettercap and C&A. Was thinking of trying John for telnet. Starting off I'm going to base this on "root" as the username. Any additional info would be appreciated. My hopes are that somebody out there has this unit and could do some snooping and see if the behaviour is platform specific. Going to try to start digging into this tonight. ML

I don't think so. That was never listed as an option nor did the seller have an explaination. They just blew-me-off. I would love to test another unit. My bet is that it would do the same thing. It is attempting to connect to port 80 of the remote server FTR.... It's the cycling through local ports that is really strange.

ddns is saying off.....?

Hi everybody. I have been lurking and learning for a while but now I have a perplexing problem and I need some perspective and insight from the community. I have worked on, or installed upwards of 25 to 50 surveillance systems in my profession (datacom), and as a company we install Speco systems exclusively and I have been fairly impressed with their product line. I finally decided to install a DVR at home but went with a cheaper system. I don't want to name the system just yet but it is a POPULAR "lower end" brand. I did soon realize that security was a joke on the DVR starting with a six digit numeric password being the best that I could achieve. I then soon realized that it offered no log as to see who was or had logged into the unit. I am behind a pretty good firewall so I decided to set-up the firewall itself to log my traffic to the internal IP address of the DVR. I quickly discovered that I had an unauthorized connection to a Chinese IP address!!! The IP address had an established connection to port 32...WTF? So I setup a rule to block the connection but soon realized that it wasn't just some Chinese guy trying to make a connection to my DVR but that the DVR itself was acting as the client and calling out to the IP address in question. Although the behavior is blocked as of now, it is so-to-speak wearing out my firewall. The DVR is actually cycling through ports trying to establish a connection to "THE IP ADDRESS". I probably have 300 PAGES of log files/5000 attempts in just two days! Here is the REAL kicker.... the IP address in question is a Chinese DVR manufacturer/seller.......... So.... the "The Company" that sold me the DVR has been no help and has told me that it is a "outdated" unit... that they no longer support. They don't even offer a copy of the ORIGINAL firmware for download (in the event the original firmware was compromised). Port 23 is open sonI am going to attempt to Telnet into the unit and "Guess" the root password and download the current firmware from the unit but past that I wouldn't know what to do other that look at it with a hex editor and hope to identify an IP string that I could at least change to something like a loopback address.... It is clear that you get what you pay for but this is ridiculas! My friend that does surveillance in another state says I should contact Homeland Security..... I don't know......DVR acting as a client calling out to a Chinese DVR Manufacturer....that is just messed up. I hope to get some insight from you guys, but I thought you may want to here the story anyway. Sorry for the long post. Thanks, ML