View unanswered posts | View active topics


Reply to topic  [ 4 posts ] 
Author Message
  
 Post subject: Changing from the default ports to thwart Mirai/others
PostPosted: Tue Jan 10, 2017 12:05 am 
Registered User

Joined: Jan 2017
Posts: 2

Offline
Hello all,

I have a Q-see QC808 NVR unit with associated IP cameras that have been working great until recently. About two months ago the Internet slowed to a crawl and checking the logs on my router my NVR is constantly connecting to IP addresses I am unfamiliar with on port 3777.

I am not using the default password for the unit but I have not changed passwords/names for the individual cameras. I can still log in with my own user number and password. Q-see is of no help since the unit is about two years old and it is out of the support window. They did tell me that this equipment is vulnerable to Mirai (the botnet that brought down Dyn in October) and they are not offering any firmware to correct this problem.

What I was thinking of doing was suggested on a networking forum. I want to move off of the default ports of 3777 and 85 to something high that doesn't get probed routinely. My hopes are that my firewall will deny this IP access after multiple tries before it gets enough to the ports I have jumped up to. The other choice is a VPN which I would like to avoid if possible for the added complexity.

I am posting this to inquire if anyone knows what ports are a good substitute. Has anyone done this? I am not advanced in networking so any suggestions would be most appreciated. I think others with this vulnerability would also appreciate your thoughts.

Kind regards/thanks

seacoug


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Changing from the default ports to thwart Mirai/others
PostPosted: Tue Jan 10, 2017 2:43 am 
Registered User

Joined: Jan 2017
Posts: 123

Offline
Hello. If you are concerned about security and being compromised, you might want to consider just changing your ports almost as often as you might change your password. Anything from 2000 to 60000 should be fair game unless its assigned to some other device on the network.


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Changing from the default ports to thwart Mirai/others
PostPosted: Tue Jan 10, 2017 9:37 am 
Registered User

Joined: Jan 2017
Posts: 2

Offline
Thanks for the response. Will do. Is it necessary to change port 85 too? Are their limitations on what I can choose on that port?

This NVR is a round trip of three hours away so trial and error is painfully slow. I really appreciate your help. Thanks again

seacoug


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Changing from the default ports to thwart Mirai/others
PostPosted: Tue Jan 10, 2017 11:25 am 
User avatar
Integrator

Joined: Aug 2009
Posts: 7861

Offline
Hi. Changing ports or a mirai attack is not going to help.

And with a 2 year old unit I don't think you have a mirai problem. Most of the problems of 2016 involved P2P setup which allowed things past your firewall

You need to open your network and check for open ports 20 to 29 you should block them.


If your router is old I would change that. The new range of netgear alerts you to anything which wants to alter your setting and logs and blocks suspicious threats.


Top
 Profile  
Reply with quote  

Display posts from previous:  Sort by  
Reply to topic  [ 4 posts ] 


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

It is currently Thu Jul 27, 2017 3:47 am

The contents of this webpage are copyright © 2003-2016 CCTVForum.com. All Rights Reserved.