- Jun 26, 2015
- 91
- 3
- 10,645
Hello,
I have recently purchased an Amcrest Security Camera and set it up via POE. It works great and I have been very pleased with it, but I have been having strange things occur ever since I got it. I run a nextcloud instance for personal use and I noticed that this morning it wasn't up and running. My server was still running, so I restarted it and tried again. The server was up for about a half hour and then suddenly went offline again. I then used htop to view resource usage and every core was heavily loaded with threads from apache's webserver. I realized someone was DDOSing my cloud and cut off the open port. I checked my security logs and sure enough I have been getting DDOSed by an IP stressing service. In addition, I am constantly getting a Masscan, from a machine, checking for open ports. This did not occur before I got the camera. Every time the camera boots, a Masscan is triggered from an external IP address. I am upgrading the firmware on the camera and checking if it may have just had a vulnerability, but I suppose I am looking for advice on if I should keep the camera or not and if anyone else has had this issue. The Nextcloud Server had no login attempts other than my own in the system logs, just repeated requests for the main page during the DDOS. The attacks stopped after I unplugged the camera as well.
I have recently purchased an Amcrest Security Camera and set it up via POE. It works great and I have been very pleased with it, but I have been having strange things occur ever since I got it. I run a nextcloud instance for personal use and I noticed that this morning it wasn't up and running. My server was still running, so I restarted it and tried again. The server was up for about a half hour and then suddenly went offline again. I then used htop to view resource usage and every core was heavily loaded with threads from apache's webserver. I realized someone was DDOSing my cloud and cut off the open port. I checked my security logs and sure enough I have been getting DDOSed by an IP stressing service. In addition, I am constantly getting a Masscan, from a machine, checking for open ports. This did not occur before I got the camera. Every time the camera boots, a Masscan is triggered from an external IP address. I am upgrading the firmware on the camera and checking if it may have just had a vulnerability, but I suppose I am looking for advice on if I should keep the camera or not and if anyone else has had this issue. The Nextcloud Server had no login attempts other than my own in the system logs, just repeated requests for the main page during the DDOS. The attacks stopped after I unplugged the camera as well.
Facebook
Twitter
Instagram