IP2M-841EB Security Issues

Have some questions or having issues with your IP Camera(s), Post them here for the mods and other users to assist you with.
Post Reply
fjl05
Posts: 23
Joined: Mon Jan 18, 2021 2:13 pm

IP2M-841EB Security Issues

Post by fjl05 »

I have a IP2M-841EB camera connected to my LAN and was setup so that I can view it while away from home. I also have it setup so that I get a warning email message if anyone tries to log into it unsuccessfully. For the longest time I kept receiving emails that someone was trying to log into it but couldn't. Obviously they kept trying to figure out my password. I wasn't too concerned as I figured that somehow someone scanned my network and found that I had that camera broadcasting to the internet, so they tried logging into it but they could not figure out the password. What I did find strange was that it was only that camera. The IP2M-841EB. I have a few other Amcrest cameras but not the same model that are also broadcasting to the internet.

Anyways I finally decided to stop allowing any of my cameras to broadcast to the internet or to be accessed through the internet by removing their port forwarding. I then setup a VPN on my router so that the only way to access the cameras was to go through my VPN and access them through the LAN. I figured the problem was solved. But its not.

I'm still somehow receiving alarm messages that someone keeps trying to log into the IP2M-841EB camera but cant. How is this possible? How is someone accessing its log in if I am not allowing it to broadcast to the internet? The ip addresses trying to hack into it are always from Russia, Australia or sometimes even from USA. Seems someone finds the camera, tries persistently to crack the password then give up after a few days. But how are they even reaching the camera now if I didn't set it to connect to the internet? Is this a security issues or is there perhaps some setting within the camera that is causing this?

Again its only this camera that has ever had this issue. What do I do? There doesnt seem to be any new firmware for this camera.
fjl05
Posts: 23
Joined: Mon Jan 18, 2021 2:13 pm

Re: IP2M-841EB Security Issues

Post by fjl05 »

for some reason I am no longer allowed to edit my previous post.

I wanted to add that if I try blocking the camera's IP address from being able to connect online using the parental controls, then it also blocks me from viewing the camera when trying to access it from the VPN.
User avatar
Revo2Maxx
Site Admin
Posts: 3399
Joined: Sat Jun 15, 2019 3:05 pm

Re: IP2M-841EB Security Issues

Post by Revo2Maxx »

So you need to look at your cameras NETWORK Settings and make sure that your P2P isn't turned on. If it is enabled uncheck the box. IT will take 2 hours after that for the Network to stop transmitting and Receiving Ping data... Once this is done there is no other outside method out there..

Now also keep in mind that if your Camera is using the 2019 or 2020 or 2021 FW the camera may fail to work without access to the Internet unless it is behind a Amcrest NVR like in a POE NVR.. It will record data to the MSD if you have one installed however when you try to play it back with NEW Fw installed it fails to playback..
Try to Avoid CCA Networking Cables They are JUNK PERIOD!
Where there is Life there is Hope
James
fjl05
Posts: 23
Joined: Mon Jan 18, 2021 2:13 pm

Re: IP2M-841EB Security Issues

Post by fjl05 »

Thanks. I did disable P2P almost immediately after writing this. Looking over the menu options, saw p2p and realized that had to be the culprit.

Now I just wonder how all these other people got the QR or serial number of my camera for them to try and hack it.

As of right now, I have not received anymore warning emails. But then they would try to hack into it at random times anyways. I'll post back if any hacking attempts do show up.
User avatar
Revo2Maxx
Site Admin
Posts: 3399
Joined: Sat Jun 15, 2019 3:05 pm

Re: IP2M-841EB Security Issues

Post by Revo2Maxx »

If someone was on your network and was Fishing your Data that was going into and out of your network then the SN would or Should say could be some of that data that is going.. What I don't know is if the Data that passed my own Phishing on my own cameras that I was able to get the SN but the Password was Encrypted so that SN that I can see in my local network leaving my switch and was at the area of my Phishing I am not sure if that data ever changes out into a UUID digit and maybe if it did that could still be translated.. So that was why some time ago when I was talking about P2P I said it was the Secure way to access the device remotely as long as the person changed the Password from the default password.. Also wouldn't use any password that you use on any network. Also if you use a 3rd party viewing software I would use a password that isn't ADMIN password incase they have a Hack attack and the password database from them is taken..

Also if using a phone or laptop with ASP from some free Wifi don't use the free wifi to access your system and if you do make sure your back isn't to a camera where someone could watch the password being entered.. Kind of hard to explain but hope that picture made it though...

Out side of that, Old phone sold or lost with the app and camera SN.. However the bad thing with that if they were able to get into the app and you didn't change the passwords after knowing your phone is lost they would have that password as well.. Because you can look at the password in the app..

One of the main reasons that I try not to show my SN when I make a Video, I am sure one or some have passed by and I posted anyway however I turn on a 3 try and lock out in most cases only issue with that is when your trying to setup on a NVR the NVR will get locked out by the camera lol Then I reboot the camera and NVR after making sure I put in the right password and it comes online..
Try to Avoid CCA Networking Cables They are JUNK PERIOD!
Where there is Life there is Hope
James
Post Reply