Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[fnords]

First of all the most important thing is to change the root password of your cam. I suppose you are a mac, Linux or OSX user because its not that simple.
Prerequisites: a cup of coffee.
for windows user: putty or something

First log in over a SSH session to your cam
for example
ssh -p8992 root@192.168.0.50

enter the password: tms320dm365

command
touch /etc/shadow

command
passwd

enter a good password

command 
cp /etc/passwd /mydlink

Then edit the script below
command
vi /mydlink/mydlink-watch-dog.sh

insert this at the 3rd line of the script
(that will copy the passwd file now stored in /mydlink at bootup to /etc)

cp -f /mydlink/passwd /etc & >/dev/null


if you don't know how to use vi editor here is a basic manual
http://www.cs.colostate.edu/helpdocs/vi.html
or use midnight commander integrated shell


Why the effort?
Virtually any idiot could SSH access to your LAN/WLAN and do some nasty stuff....



 

[evilslon]

All these changes will be removed after reboot, isn't it? I think its will be much better to close port 8992 and turn off UPnP feature on the router.

[fnords]

All these changes will be removed after reboot, isn't it? I think its will be much better to close port 8992 and turn off UPnP feature on the router.

Those changes won't be removed after reboot, the directory /mydlink is persistent, only etc is mounted in ramfs.

The threat comes from the inside of the LAN you can block the port on a router itself but any application have access to the cam, trust me, there are a lot of trojans like netbus in the wild.

[evilslon]

Those changes won't be removed after reboot, the directory /mydlink is persistent, only etc is mounted in ramfs.

Didn't know.. I'm using DCS-2210 and there's no mydlink directory.

The threat comes from the inside of the LAN you can block the port on a router itself but any application have access to the cam, trust me, there are a lot of trojans like netbus in the wild.

Well, if someone was able to break into your network - this in itself is bad. However, most likely it will not be by the fault of the camera, but the fault of the user who is set weak password or never checks his/her OS for viruses/trojans. Nevertheless i agree with you, it's better to change the root pwd. Thanks for info!

[fnords]

Didn't know.. I'm using DCS-2210 and there's no mydlink directory.
Well, if someone was able to break into your network - this in itself is bad. However, most likely it will not be by the fault of the camera, but the fault of the user who is set weak password or never checks his/her OS for viruses/trojans. Nevertheless i agree with you, it's better to change the root pwd. Thanks for info!

Well a lot of routers even so called quality brands suffer from security holes, even undiscovered ones, sometime it takes years to discover them. Someone may use the ssh access as socks proxy and do some criminal activities.
The 2210 has another Firmware, just try to find those watchdog script using top command and edit it there

[evilslon]

The 2210 has another Firmware, just try to find those watchdog script using top command and edit it there

Nope, (it seems) all DaVinci DM365-based cameras have the similar firmware, at least the differences are small (and one of them is myDlink support which is not present in my camera). As for me, i solved this problem in other way - I just reassembled the camera's firmware and added my version of /etc/passwd with my own pwd.

[fousa]

Thanks fnords!  

If you have more to share, go ahead. I'm looking stuff like this