I can try with an example:
I have given my router a local static IP address of: 192.168.0.1
I have given my DVR a local static IP address of: 192.168.0.10
The public IP address (from my internet provider) is: 111.222.333.444 (THIS MUST BE A STATIC IP)
The HikVision default device port is 8000
In a mobile phone/tablet Hik-Connect or iVMS application I manually add an "IP/Domain" device with the following details:
Address: 111.222.333.444
Port: 8000
User Name: a valid user.
Password: A (very strong) password.
The app tries to connect to the public IP address; it gets as far as my router, but all ports (including 8000) are closed, so it won't connect.
I then connect to the admin page of my router and luckily it's a good one and allows me to forward certain ports. I define port forwarding on port 8000 so that traffic on public address 111.222.333.444 and port 8000 is forwarded to the local address 192.168.0.10 on port 8000 (the DVR).
Now when the app tries to connect to the public IP address, it gets to my router and the router forwards traffic to the DVR and it works.
However, now hacker scripts around the world doing IP/port scanning will eventually find there is a device on 111.222.333.444 port 8000 and they will try various usernames/passwords to try and hack into the DVR. Hopefully they will never get past your password or exploit a HikVision bug but that's what will happen.
My router also allows me to restrict based on IP address. So if I have another site with a public IP address of 555.666.777.888 then I can define that address in the port forwarding rule to improve security. So the router will forward traffic from anyone at the 555.666.777.888 site but for anyone else at any other address the port will be closed.
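An added example, not part of the original post: a small Python model of the router's forwarding decision that contrasts the open port-8000 rule with the source-restricted one and flags rules reachable from any address. The names `ForwardRule`, `forward_target` and `audit` are hypothetical, the documentation addresses 198.51.100.25 and 203.0.113.77 are constructed stand-ins for the other site and an unknown scanner, and the "broader than /24" threshold is an assumption.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class ForwardRule:
    """One port-forwarding entry as a router admin page might store it (hypothetical model)."""
    public_port: int
    target_ip: str
    target_port: int
    allowed_sources: tuple = ()   # empty tuple = any source may connect

    def networks(self):
        return [ipaddress.ip_network(s, strict=False) for s in self.allowed_sources]

def forward_target(rules, src_ip, dst_port):
    """Return the (ip, port) the router forwards to, or None if the port looks closed."""
    src = ipaddress.ip_address(src_ip)
    for r in rules:
        if r.public_port != dst_port:
            continue
        nets = r.networks()
        if not nets or any(src in n for n in nets):
            return (r.target_ip, r.target_port)
    return None

def audit(rules):
    """List rules that are open to every source or to an overly broad source range."""
    findings = []
    for r in rules:
        nets = r.networks()
        if not nets:
            findings.append((r.public_port, "open to any source"))
        for n in nets:
            if n.num_addresses > 256:   # assumption: wider than /24 is too broad for one site
                findings.append((r.public_port, f"broad source range {n}"))
    return findings

# Constructed sample data: documentation addresses stand in for the post's placeholders.
OTHER_SITE = "198.51.100.25"   # the second site that is allowed in
SCANNER = "203.0.113.77"       # any other internet host
OPEN_RULES = [ForwardRule(8000, "192.168.0.10", 8000)]
RESTRICTED_RULES = [ForwardRule(8000, "192.168.0.10", 8000, (OTHER_SITE,))]

if __name__ == "__main__":
    for name, rules in (("open", OPEN_RULES), ("restricted", RESTRICTED_RULES)):
        print(name, "scanner    ->", forward_target(rules, SCANNER, 8000))
        print(name, "other site ->", forward_target(rules, OTHER_SITE, 8000))
        print(name, "audit      ->", audit(rules))
```

With the restricted rule, only the other site reaches the DVR; every other source sees the port as closed, and the audit no longer reports the rule.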