I noticed my generic Chinese 16 channel dvr started shutting down and rebooting at around five minute intervals yesterday morning. Having spent a fruitless few hours changing power supplies then disconnecting cameras in the suspicion it might be a camera/cable fault I finally discovered that unplugging the Ethernet lead removed the problem. Now I'm puzzled. Google took me to an American forum which suggests something is trying to gain access via the Ethernet but I never completed giving the dev web contact just local to our own wifi group. Any ideas?
These make outgoing network connections which have often been hijacked to get into your internal network from the outside, past any firewall and NAT you might have, and then into other devices you have on your internal network. They have notoriously poor security design, and few (if any) security updates.
Mine lives in a DMZ, and the only outgoing network connection it is allowed to make is NTP to my ISP's NTP servers.
Someone is probably using a standard exploit against yours, which isn't quite working with perhaps a slightly different version of software than the exploit expects. It's unlikely they are deliberately crashing it, because the last thing they'd want to do is to draw attention to your system being hacked.
Don't assume other hacks aren't in use which have worked to get to other devices on your internal network.
Just because you didn't grant anything else access, doesn't prevent something from trying to access the PVR or cameras. It's increasingly common for botnets to try to use devices such as cameras to attack other systems.
In a domestic setup you'd usually be behind a NAT device (your router/firewall) and would have to configure a firewall rule to allow inbound connections, however if the router has UPnP then it's possible the cameras have done this for themselves.
If you turn off or unplug your router, then plug back the ethernet lead does it still crash?
Can you see if you have UPnP enabled (sometimes Xboxes or Playstations recommend you enable it)?
Can you upgrade firmware on your cameras, router, DVR?
Thanks for your suggestions. I'm not sure why or how someone has found the ip address of my system but it seems something is awry. Would it be worth c hanging the http port number and media port number? I confess I'm feeling m y way in the dark with this stuff.
If your system has opened up a port to the Internet and is listening for an incoming connection (so the owner can, for example, view web cam footage from a remote location) then the port is probably visible to all.
There is software on the Internet which keeps checking all available address ranges and ports just to see if something is there listening.
If there is a response then the remote software tries loads of well known ways to gain access to the device.
Changing port numbers will protect you for less than a second - only until the next scan goes past.
To check if you do have any open ports, use your PC to go to and run the Shields Up tool, chosing the "All Service Ports" option. This will tell you which, if any, ports are visible to the Internet.
A good result is all green (no response). This is what you should get with a standard NAT router where no ports have been opened and they are all "stealthed". That is, they don't offer any response to the query.
Any other response on any port tells you that there is a process there that at least is sending some kind of a response back to the query.
If you see any red ports (open) then you really need to do something about them. If you turn off your devices and the ports are no longer open that is instructive.
I don't view my dvr outside my home wifi ie I only use computers that are part of the home group not via an internet connection although I've often thought it would be useful to do so. Are there ways of so doing without being exposed to hacking or is it simpler just to forget it?
Quite likely a thomson (but you might find a model number stuck underneath) in my experience their web interface is limited, you can do a lot with the CLI but it's kind of cryptic.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.