Hikvision FTP Server IP address leads to Zombie Apocalypse

Never give up!

Ok, these Hikvision cameras are pretty nice and seem like great quality for the price. However, I have one major issue with them, they don’t let you use hostnames for the FTP server. You have to use an IP address.

Hikvision DS-2CD2042WD-I Bullet Camera

Hikvision FTP Setup

Why would they require this? I suppose for most cameras connect to a server on the local network, thus it won’t have a DNS name anyway, why not just require an IP address? It means that when the camera does connect to the FTP server, it doesn’t need to do a DNS lookup, but that seems like a pretty big trade off. You have to hardwire the IP address into the camera config.

What about external servers?

If you require an IP address, then you need to find the IP address of the server. At Sensr.net we run FTP servers and we use hostnames like f0.sensr.net. If you want to use the Hikvision with our service, you need to connect to one of our servers (currently f0 through f9). But to use the Hikvision, you’ll need to find out the IP address of our servers. In the case of f9.sensr.net you can run nslookup like this:

$ nslookup f9.sensr.net
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	f9.sensr.net
Address: 74.207.245.42
Name:	f9.sensr.net
Address: 96.126.101.33

However, notice that it returns two different answers. At Sensr.net we (currently) have two servers that serve as f9.sensr.net. We do this for redundancy. If one of our servers fails, then the other one can take over for it. Of course this redundancy won’t help you if you hard wire the IP address. For the Hikvision, just pick one or the other IP addresses and it should work.

What about loadbalancing and failover?

This kind of screws up our load balancing and failover. But at least it works. However, it only works as long as our servers keep the same IP address. What if we upgrade or move a server? It’s IP address will change and your camera won’t work anymore.

Maybe security could be compromised too

We use servers at Linode and we might decide to upgrade and get a bigger server at Linode, or maybe move to AWS or even Google Cloud. In that case, the IP address that we used to use will get deprecated. This probably means your camera will stop working. But it could mean that it starts uploading to a server that isn’t part of Sensr.net! Let’s say we drop the server at Linode, it’s pretty likely that Linode will re-use that IP address for someone else. That new owner might notice that there are cameras trying to connect to it. That new owner might also decide to let those cameras connect and then they could start collecting images that are uploaded by your cameras. Hmm, that seems like a bad idea.

How serious is this?

I think we have changed the IP addresses of our upload servers once in 6 years. So it doesn’t happen often. However, we are working on a major change and I expect the IP addresses will change in the next year.

What can we do to help?

Before we change servers and drop the IP addresses for these machines, we can move over the DNS names (f0.sensr.net .. f9.sensr.net) and see what cameras continue to connect. If all the cameras move over (they won’t) then we don’t need to worry. I’m sure there will be cameras left connecting to the old IP addresses. In this case we can warn our users that they need to update their cameras. We’ll probably send out an email and give our users some time to make the change.

Zombie cameras

Never give up!

We have quite a few zombie cameras trying to connect to our servers. Zombies are cameras that used to work with the service, but no longer are on paid accounts. This means we don’t let them upload images, their logins fail. But most zombies keep plugging away, mindlessly attempting to upload to our servers even though we won’t let them.

In the case of these cameras, we may not be able to contact the owners, so after we finally decomission the servers, they may end up connecting to some new server deployed at Linode. If the owner of that new server decides to let the zombie connect, they could end up collecting lots of potentially private images.

IoT gone mad

This is just one example of how the IoT world is leading to unintended consequences. People setup cameras so they can be more secure, but through a sequence of perfectly normal events they end up with something they don’t expect.

Maybe we’ll ask Linode if they will decommission those IP addresses. Maybe we’ll just keep paying for them. One thing is for sure, we will warn users before we release the IP addresses back into the pool. We’ll keep track of how much upload traffic we get to our deprecated servers. It might lead to another interesting blog post!

Stay tuned, the Zombie Apocalypse is far from over.

Shameless plug

If you’re still not afraid of the zombies, we would love to have you as a customer. Point your IP camera at us and we’ll do some useful stuff with what you send us. We have a free trial, so it won’t cost you anything. If you decide not to stick with us, please delete our FTP server from your camera. It will be as satisfying as shooting a zombie in the head!