D-Link Forums
The Graveyard - Products No Longer Supported => IP Cameras => DCS-2670L => Topic started by: PASGILI on January 20, 2021, 07:04:12 AM
-
Unfortunately my camera is regularly hacked.I see in the log that several IPs connect with the login "admin". Although I change by a strong password, only a few hours later it starts again. Today, my network was very very unstable and as soon as I unplugged the camera everything returned to normal.I don't find it normal that you can't change the "Admin" login. A solution is possible? Thank you
-
Link>Welcome! (http://forums.dlink.com/index.php?topic=49573.0)
- What Hardware version is your DCS? Look at the sticker behind or under the camera.
- Link>What Firmware (http://forums.dlink.com/index.php?topic=47512.0) version is currently loaded? Found on the DCSs web page under status.
- What region are you located?
What Mfr and model is the main host router?
Do you have uPnP enabled on the camera and router?
-
Where is the IP coming from? 192.168.x.y?
Any other information?
-
Hello everyone, here are the requested informations :
Firmware version 2.02.06
Hardware Version B
agent version 2.2.0-b78
Upnp disabled
I am in Belgium
Router: TP-LINK ARCHER C2300
Upnp enabled
excerpt from the log of the last attack that damaged my network
23. 2021/01/20 11:51:48 admin login Ok from 45.95.168.120
after removing the plug from my camera everything was normal
Thanks
-
Well it looks like an abusive active IP address. Honeypoting!
I believe you!
You should block it in your router.
https://www.abuseipdb.com/check/45.95.168.120 (https://www.abuseipdb.com/check/45.95.168.120)
-
Unfortunately my router doesn't allow me to do so. I'm out of luck...
-
Unfortunately my router doesn't allow me to do so. I'm out of luck...
Are you sure? Which manufacturer/model is it?
-
Yes TP-LINK ARCHER C2300 V2
-
Yes TP-LINK ARCHER C2300 V2
Although these are "V1" instructions, it looks like it would be here, under access control.
https://www.tp-link.com/us/user-guides/Archer-C2300&A2300_V1/chapter-10-network-security#ug-sub-title-1 (https://www.tp-link.com/us/user-guides/Archer-C2300&A2300_V1/chapter-10-network-security#ug-sub-title-1)
-
Thank you very much for the research but unfortunately with the V2 it is not possible. I'm going to check out a TP-Link forum. Thank you
-
Is there a F/W update for your router?
I'm not sure how the hacking and stuff works, but is there an open port on your router? So you can access it from the outside network?
If there is NO open port, you'd have to assume your router is also compromised.
-
Is there a F/W update for your router?
I'm not sure how the hacking and stuff works, but is there an open port on your router? So you can access it from the outside network?
If there is NO open port, you'd have to assume your router is also compromised.
I found their emulator for 2300 V2. I found the page in question.
https://emulator.tp-link.com/webpages_C2300V2_US_emulator/index.html (https://emulator.tp-link.com/webpages_C2300V2_US_emulator/index.html)
(https://i.postimg.cc/br2djZND/tplinkarcher2300v2.png)
-
According to the forum on TpLink there is no way to filter an external address.
The firmware is up to date.
Yes there was port 80 which was open but of course I closed it. On the router forum they advised me to change the port to access from outside. The page that you show me is used to block the internal devices in the network.
Thanks
-
My bad, you are correct. I got ahead of myself when I saw that page. I thought it was for outside devices.
Is that TrendMicro stuff enabled? Advanced/Security/AntiVirus. Or do they charge a fee?
That IP address should be blacklisted in their software by now.
-
How about trying a different brand router? I would not recommend using anything TP-Link.
-
Hello, yes of course TrendMicro is well activated but is not paying.
Yes I could try with another router but as it's very recent I'm still waiting a little bit.
I opened port 554 and it allows me to see the images from outside but I can't manage the camera. For the moment I haven't had any more attacks....