Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Swannview Link throughput question.  (Read 2705 times)

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1162
Swannview Link throughput question.
« on: February 09, 2016, 10:27:43 PM »

I've recently installed an updated version Swannview Link on to my Win10 machine. The program is for me to be able to see the CCTV cameras on my home network. I purposely havent set it up to be available for the Internet.

On my WinXP machine I have an earlier version and the throughput is between 700 to 800KB/s.

I've installed 2 newer versions of this program on the Win10 machine but the throughput is only between 40 and 50KB/s.

I noticed that when installing this Swannview Link program it also installs a program called Winpcap. I'm assuming this program is responsible for the throughput rate on the network? I have seen a site were people are saying its not compatable with Win10. Could this be the reason for the slow throughput?

I'm wondering as there is another site that claims to have a Window10 version of the program. But before I install it I'm just wondering if this program is the reason for the slow throughput?
Logged
BT Infinity 2 - HG612 & Asus RT-N66U - ECI Cab

loonylion

  • Reg Member
  • ***
  • Posts: 721
Re: Swannview Link throughput question.
« Reply #1 on: February 10, 2016, 03:26:20 PM »

winpcap is a packet capture driver.
Logged

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1162
Re: Swannview Link throughput question.
« Reply #2 on: February 11, 2016, 11:08:25 AM »

I got the throughput increased by downgrading to a previous version of the program.

The new version of Swannview Link is rubbish. It doesn't even have a logout button, so I had to X out of it.
Logged
BT Infinity 2 - HG612 & Asus RT-N66U - ECI Cab

guest

  • Guest
Re: Swannview Link throughput question.
« Reply #3 on: February 18, 2016, 10:42:05 AM »

Dunno what DVR you have but Swann are mentioned here :

http://www.theregister.co.uk/2016/02/18/blank_519070_the_pin_to_enter_to_pwn_80k_online_security_cams/

Basically there's a hardcoded root account with a password of 519070 which allows complete compromise of the DVR - and is obviously behind your firewall so has unrestricted network access from the shell account.
Logged

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1162
Re: Swannview Link throughput question.
« Reply #4 on: February 18, 2016, 11:37:38 AM »

Dunno what DVR you have but Swann are mentioned here :

http://www.theregister.co.uk/2016/02/18/blank_519070_the_pin_to_enter_to_pwn_80k_online_security_cams/

Basically there's a hardcoded root account with a password of 519070 which allows complete compromise of the DVR - and is obviously behind your firewall so has unrestricted network access from the shell account.

I don't have the system open to outside of my network. The ports are closed. I just access the cameras on my computers via LAN.

The article doesn't surprise me. I've looked for firmware updates for the unit and never found any.

They are fairly cheap machines, even though at first was priced around £400 (I think its now dropped to the £200 to £300 range).

The units have no on/off switch. The only way to turn the power off is to pull the power lead out.

This is my second unit, after the other was replaced because suddenly the power to the cameras (they are powered by PoE) all stopped working. I got a replacement and at the moment the motion detection recording stopped working on one of the cameras. Supposedly that function is from the unit, though I've changed ethernet port connectors of that camera and it's still doing it.

Its nearly impossible to find the more expensive cameras advertised as its all bogged down in this low-end price range. Different companies are competing but from what I've seen they all get similar faults.

Swann support is absolutely useless. I emailed them about the camera not recording during motion detection (if I set it to record all the time it works). The guy replied, maybe its the power strip? Wth  >:(

I don't know how people can be so 'thick' these days with computers and technology. The people up to 40 and 50 years old have had a life time were computers have played a significant role in their lives. Where have they been hiding!?
Logged
BT Infinity 2 - HG612 & Asus RT-N66U - ECI Cab

guest

  • Guest
Re: Swannview Link throughput question.
« Reply #5 on: February 18, 2016, 12:11:31 PM »

Don't know if you noticed this (its one of the links from El Reg) :

https://www.pentestpartners.com/blog/pwning-cctv-cameras/

Quote
Sends stills to a strange hardcoded email address

Looking into the dvr_app binary further, we can find some very odd functionality.

For whatever reason, snapshots of the first camera are sent to lawishere@yeah.net.

Why? We have no idea. The email address is still live, and is now being sent the intro to Button Moon frame by frame.

Sending images from a DVR like this is a serious breach of privacy.

Strangely, someone else had already reported this issue on the GitHub page of Frank Law, the owner of the email address:

https://web.archive.org/web/20151010191622/https://github.com/lawishere/JUAN-Device/issues/1

He has since pulled the https://github.com/lawishere repo.

It appears that there are several versions of the firmware present.

    Some don't have any email functionality - you have nothing to worry about apart from the authentication bypass and root shell.
    Some have the email functionality, but aren't sending any emails as the default SMTP server is no longer present.
    Some have the email functionality.

A GitHub repo (https://github.com/simonjiuan/ipc) containing code related to the DVR has been found by a commenter on HackerNews. This has some of the functionality in it, but the actual part when the email is sent is commented out.

This repo appears to be setup for an IP camera, with a different make and model. Look at the top right though - the repo has been forked 9 times. Where else is this code used?"

Other issues

It doesnít end there though. This device is just a catalogue of mistakes:

    If you get a shell or command injection via the web server, you are root already. No need to escalate.
    No CSRF protection. You can trick a user into clicking a link that will carry out an action on their behalf.
    No account lock-out or brute force protection. You can guess as many passwords as you like. The only rate limiting is the device itself being slow.
    No HTTPS. All communications are sent in the plain and can be intercepted and tampered with.
    No firmware updates. We canít find any detail on the name MVPower. The firmware suggests commonality with Juantech, but none of their firmwares are compatible. You are stuck with these issues.

Sounds well dodgy.....
« Last Edit: February 18, 2016, 12:13:44 PM by rizla »
Logged