
Security Concern with MyFoscam.org

Postby dlp1000 » Fri Dec 07, 2012 1:24 am

I have a FI8910W with firmware 11.37.2.48.

Under Manufacturer's DDNS then Manufacturer's Domain, there is a link to xxxxxx.myfoscam.org.

Why does the manufacturer have a DDNS to my camera and how can all DDNS be disabled?
dlp1000
 
Posts: 2
Joined: Fri Dec 07, 2012 1:18 am

Re: Security Concern with MyFoscam.org

Postby TheUberOverLord » Sat Dec 08, 2012 10:26 am

dlp1000 wrote:I have a FI8910W with firmware 11.37.2.48.

Under Manufacturer's DDNS then Manufacturer's Domain, there is a link to xxxxxx.myfoscam.org.

Why does the manufacturer have a DDNS to my camera and how can all DDNS be disabled?


In the DDNS menu selection of your camera, select DDNS Service "none" and make sure you submit the change.

Don
TheUberOverLord
 
Posts: 13110
Joined: Fri Jun 22, 2012 11:52 pm

Re: Security Concern with MyFoscam.org

Postby dlp1000 » Sun Dec 09, 2012 2:51 am

Thanks for the tip on disabling my personal DDNS.

How do I permanently disable the myfoscam.org DDNS? I do not wish to have any DDNS especially myfoscam.org's DDNS.

This is a massive security risk. There are thousands of people who plug in the camera, leave the default password, leave the default port, then use the camera on the LAN. Unbeknownst to the owner, the camera poked a hole in the router (via UPnP) and some random stranger is watching every move!!!!

Whoever thought forcing customers to pair with myfoscam.org should be fired for gross misconduct!!!!!!

Security by obscurity works and requiring the consumer to be included in an entire domain of Foscam cameras is NOT a good business practice!!!!

Also, I do not trust the Foscam firmware to only allow in authenticated users OR defend against brute force attacks. Don't believe me? Try bookmarking deep links, then log out. Now use the deep links... You can get pretty far into the configuration. It's only a matter of time before someone finds a customization variable which allows a new account to be added or an existing account to be modified...
dlp1000
 
Posts: 2
Joined: Fri Dec 07, 2012 1:18 am

Re: Security Concern with MyFoscam.org

Postby Logicl77 » Fri Dec 14, 2012 10:25 am

I totally agree. The manufacturer DDNS setting should have an option to be disabled. I do not need Foscam to know the IPs of my cameras.
FOSCAM, please include an option to disable the myfoscam.org DDNS setting, as many people do not need this setting and do not want you knowing what IPs are being used, etc.

Thanks.
Logicl77
 
Posts: 3
Joined: Fri Dec 14, 2012 10:22 am

Re: Security Concern with MyFoscam.org

Postby TheUberOverLord » Fri Dec 14, 2012 11:38 am

Logicl77 wrote:I totally agree. The manufacturer DDNS setting should have an option to be disabled. I do not need Foscam to know the IPs of my cameras.
FOSCAM, please include an option to disable the myfoscam.org DDNS setting, as many people do not need this setting and do not want you knowing what IPs are being used, etc.

Thanks.


As stated in my prior post, setting the DDNS in the camera's configuration to "none" disables DDNS, meaning no DDNS is stored in the camera configuration.

You can verify this by dumping the camera's configuration values for other things, including the DDNS information, by doing the following:

xxx.xxx.xxx.xxx = Local IP Address from within your local network, ISP IP Address or DDNS
#### = Port for camera
UserName = Must be an Admin Level User Id
Password = Must be the password for the above User Id

http://xxx.xxx.xxx.xxx:####/get_params.cgi?user=UserName&pwd=Password

Note: The above line is 1 line in your browser window with no spaces, the Forum presents the above line as 2 lines.

Look for the DDNS information in the response, to verify the currently set DDNS values.

If, for some reason, you also wish to reset the factory DDNS defaults, so that if you restore factory defaults to the camera at any time any initial DDNS information will not be included, there are also methods to do that, if needed.

Please see "set_factory_ddns.cgi" on page 36 here:

download/file.php?id=402

You can also review how the DDNS settings work, with the DDNS being set to "none" in the same document on page 24 for "set_ddns.cgi".

Don
TheUberOverLord
 
Posts: 13110
Joined: Fri Jun 22, 2012 11:52 pm

Re: Security Concern with MyFoscam.org

Postby Avacomtech Inc » Fri Dec 14, 2012 2:26 pm

This is kind of a kluge but it will wipe out the foscam.org DDNS. I enabled No-IP in the third party field and filled in fake entries.
user: fake
Pw: fake
host: fake.fake.org

When I did the scan mentioned before all I saw were my fake entries. Foscam.org was no longer visible. Hopefully that means they can no longer see your IP address.

Ray
Avacomtech Inc
 
Posts: 156
Joined: Wed Sep 12, 2012 3:43 pm

Re: Security Concern with MyFoscam.org

Postby TheUberOverLord » Fri Dec 14, 2012 3:38 pm

Avacomtech Inc wrote:This is kind of a kluge but it will wipe out the foscam.org DDNS. I enabled No-IP in the third party field and filled in fake entries.
user: fake
Pw: fake
host: fake.fake.org

When I did the scan mentioned before all I saw were my fake entries. Foscam.org was no longer visible. Hopefully that means they can no longer see your IP address.

Ray


If you set DDNS to "none" you get a better result. You can also set the factory DDNS to none. Please see my prior post on how to do this, without any need to use a "kludge".

The issue with using a "kludge" is that at camera startup, attempts will be made and continue to be made, by the camera, from time to time, to try to connect to the ("Bogus") DDNS. Which will only create busy-work for the camera, when there is no need to do this.

Not to mention that the camera Status page, when using a "kludge", will always be showing the DDNS as failed. Which can be confusing, when you don't want the camera, to be using ANY DDNS, to begin with.

Don
TheUberOverLord
 
Posts: 13110
Joined: Fri Jun 22, 2012 11:52 pm

Re: Security Concern with MyFoscam.org

Postby Avacomtech Inc » Fri Dec 14, 2012 4:07 pm

The OP has a newer camera with a new UI. There is Manufacturer's DDNS with a Manufacturer's Domain which cannot be disabled. There simply isn't a "none" to choose. Under Third Party DDNS is the drop down list of choices you are referring to. Without filling in the third party fields the camera will still do the busy work, only to foscam.org which he doesn't want. And yes he will be plagued by a DDNS fail message but that is what he wants, the camera not reporting its address to anyone.

Ray
Avacomtech Inc
 
Posts: 156
Joined: Wed Sep 12, 2012 3:43 pm

Re: Security Concern with MyFoscam.org

Postby TheUberOverLord » Fri Dec 14, 2012 4:19 pm

Avacomtech Inc wrote:The OP has a newer camera with a new UI. There is Manufacturer's DDNS with a Manufacturer's Domain which cannot be disabled. There simply isn't a "none" to choose. Under Third Party DDNS is the drop down list of choices you are referring to. Without filling in the third party fields the camera will still do the busy work, only to foscam.org which he doesn't want. And yes he will be plagued by a DDNS fail message but that is what he wants, the camera not reporting its address to anyone.

Ray


This is NOT true. Using the CGI commands that my prior post shows, the DDNS can in fact be set to "none".

If you do NOT also set the factory DDNS settings to "none" (my prior post also references that CGI command), then any time you restore factory settings, the original DDNS for that camera will be restored to the camera. Using the camera's reset button will also restore this DDNS, as will the menu option in the Standard Camera Interface to restore factory defaults, if this command is not also done.

Which, most likely, is why you think what you do: because you are not using both commands to set the DDNS to "none".

In the case where someone has a free pre-installed DDNS, it becomes extremely important to dump the camera configuration FIRST, prior to changing the DDNS to "none".

This is because one cannot see the password and/or any Proxy address for a pre-installed DDNS using the Standard Camera Interface that comes with the camera.

If the person changes their mind later about using the pre-installed DDNS, or for example sells the camera to someone who would like to use the pre-installed DDNS, they will need to know what the password and/or Proxy address was prior to the DDNS being set to "none", when they or the person they sold the camera to wish to re-add that DDNS.

To be able to see the DDNS password in the clear, as well as any DDNS Proxy address, and to be able to save ALL the DDNS information for possible future use, this should be done, and the entire output should be saved somewhere as text.

xxx.xxx.xxx.xxx = Local IP Address from within your local network or ISP IP Address or DDNS address
#### = Port for camera
UserName = Must be a valid Admin User Id Level
Password = Must be the password for the UserName above

http://xxx.xxx.xxx.xxx:####/get_params.cgi?user=UserName&pwd=Password

Note: The above is 1 line with no spaces, the Forum, presents this line as 2 lines.

Not doing the above, and saving the above output, means that there will be no possible way to ever use or have anyone you sell the camera to use, the pre-installed DDNS that came with the camera, because you no longer have the data required, to re-add that DDNS properly, in the future, should that need arise.

Don
Last edited by TheUberOverLord on Fri Dec 14, 2012 4:44 pm, edited 3 times in total.
TheUberOverLord
 
Posts: 13110
Joined: Fri Jun 22, 2012 11:52 pm
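
An added example (not part of the thread and not Foscam's code) for the check described in the two posts above that use get_params.cgi: it reads a saved dump, reports whether any DDNS setting is still active, and masks passwords before the text is shared. The `var name=value;` layout, the field names and the meaning of `ddns_service=0` are assumptions; the sample dump is constructed.

```python
import re

# Assumptions (not from the thread): the dump is one `var name=value;` line per
# setting, strings are single-quoted, and ddns_service=0 means "none".
VAR_RE = re.compile(r"^\s*var\s+(\w+)\s*=\s*(?:'([^']*)'|([^;]*?))\s*;\s*$")
DDNS_TEXT_FIELDS = ("ddns_user", "ddns_pwd", "ddns_host", "ddns_proxy_svr")

# Constructed sample dump; it mirrors the "fake" third-party entries in the thread.
SAMPLE_DUMP = """\
var ddns_service=3;
var ddns_user='fake';
var ddns_pwd='fake';
var ddns_host='fake.fake.org';
var ddns_proxy_svr='';
var upnp_enable=1;
"""


def parse_params(dump):
    """Return {name: value} for every `var name=value;` line in the dump."""
    params = {}
    for line in dump.splitlines():
        m = VAR_RE.match(line)
        if m:
            params[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    return params


def ddns_findings(params):
    """List the reasons the dump still shows DDNS or UPnP as active."""
    findings = []
    service = params.get("ddns_service")
    if service is None:
        findings.append("ddns_service missing from dump")
    elif service != "0":
        findings.append("ddns_service=" + service)
    findings += [f"{name} is still set" for name in DDNS_TEXT_FIELDS if params.get(name)]
    if params.get("upnp_enable") == "1":
        findings.append("upnp_enable=1")
    return findings


def redact(dump):
    """Copy of the dump with every *_pwd value masked, safe to paste elsewhere."""
    return re.sub(r"(var\s+\w*_pwd\s*=\s*)'[^']*'", r"\1'***'", dump)


if __name__ == "__main__":
    print(ddns_findings(parse_params(SAMPLE_DUMP)))
    print(redact(SAMPLE_DUMP))
```

Run it against the text saved from the browser rather than a live request, since the saved output holds the DDNS password in the clear.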

Re: Security Concern with MyFoscam.org

Postby Avacomtech Inc » Fri Dec 14, 2012 4:41 pm

As stated in my prior post this is a new camera with a "NEW" UI. I can't post an image of it at the moment but hopefully you can get the gist with just the text representation.

DDNS Service Settings

Manufacturer's DDNS
Manufacturer's Domain xx0712.myfoscam.org
Validity Queries

Third Party DDNS
DDNS Service None No-Ip Oray.net ...
DDNS User
DDNS Password
DDNS Host
DDNS or Proxy Server
DDNS or Proxy Port

myfoscam.org wasn't even a choice in the previous UI. This "pre-installed" DDNS is hard coded into the camera now. Have you seen the new UI? It's now an eye pleasing light blue.

Ray
Avacomtech Inc
 
Posts: 156
Joined: Wed Sep 12, 2012 3:43 pm
