Announcement

Collapse
No announcement yet.

block ip's in homeseer

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    block ip's in homeseer

    Hi all,

    is it possible to block some ip's what are connecting to homeseer and hstouch??

    some chinese people are trying to connect via hstouch.

    Code:
    Jun-03 19:22:48	 	HSTouch Server	Client (111.248.114.85/4050) has raised LineDisconnected.
Jun-03 19:22:48	 	HSTouch Server Warning	Client dropped connection 111.248.114.85/4050
Jun-03 19:22:46	 	HSTouch Server	Opening connection from:111.248.114.85/4050
Jun-03 19:22:45	 	HSTouch Server	Client (111.248.114.85/4008) has raised LineDisconnected.
Jun-03 19:22:45	 	HSTouch Server Warning	Client dropped connection 111.248.114.85/4008
Jun-03 19:22:43	 	HSTouch Server	Opening connection from:111.248.114.85/4008
    Preferred -> Jon's Plugins, Pushover, Phlocation, Easy-trigger,
    Rfxcom, Blade Plugins, Pushbullet, homekit, Malosa Scripts



    HS3Pro 4.1.14.0 on windows 10 enterprise X64 on hp quadcore laptop 8 GB.
    Tags: None
    #2
    Does your router have the capability to block specific IP addresses? It would be better to block these coming into your network.
    Jon

    Comment

      #3
      Definitely better however you don't know about a particular address until they try to authenticate multiple times so the manual method is not proactive. Best would be for the HomeSeer host system to inform the router to add an address to the blacklist after xx number of failed logins within xx minutes.

      Comment

        #4
        Originally posted by mikaluch View Post
        Best would be for the HomeSeer host system to inform the router to add an address to the blacklist after xx number of failed logins within xx minutes.
        Sounds like a good addition to one of the router plugins available.
        💁‍♂️ Support & Customer Service 🙋‍♂️ Sales Questions 🛒 Shop HomeSeer Products

        Comment

          #5
          Any number of off the shelf solutions already exist. In Linux or the BSD's you can roll your own within the firewall rules. Not so sure about Windows but I seem to remember something along these lines, although the router communication gets difficult if you don't know the command line. Fail2Ban and DenyHosts are both well known and not necessarily limited to protecting web servers.

          Comment

            #6
            Here just enabled ClamAV with Squid on PFSense. PFSense is free.

            Thinking of adding Zabbix to the PFSense firewall as it is hardly working these days.

            That and there are a couple of Homeseer 3 syslog plugins which would let you track this stuff.
            Attached Files
            - Pete

            Auto mator
            Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb

            HS4 Pro - Ubuntu 22.04 / Lenova Tiny M900 / 32Gb Ram
            HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11
            X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant

            Comment

              #7
              block ip's in homeseer

              Hi all ,thanks for the reply's

              Yes they just breached my homeseer and my security camera's

              I just was with my girlfriend in the baby room , and my security camera on the baby room started to turn in my face and enable the ir , i directly disconnected and reenabled my firewalls and changed Ip , and changed the default password of that cam.
              They brute force attack me ,

              I changed all the passwords and ask my isp to change my Ip , so iT takes 24h.

              Really scarry that they could hear us ,

              Its the same Ip as before , its a vpn adress so i cant trace iT back...

              I think in one of Some internet plug-ins or contact with Someone has build an sniffer in a attachment or something , no way they can Guess the camera pass and hstouch...


              Sended from far far away
              Preferred -> Jon's Plugins, Pushover, Phlocation, Easy-trigger,
              Rfxcom, Blade Plugins, Pushbullet, homekit, Malosa Scripts



              HS3Pro 4.1.14.0 on windows 10 enterprise X64 on hp quadcore laptop 8 GB.

              Comment

                #8
                Did they come through HS3 or go directly to your cameras. I just bought a new Foscam two weeks ago and within 10 minutes of turning in one someone was controlling it. There's was a firware fix for this. What kind of cameras do you use?
                💁‍♂️ Support & Customer Service 🙋‍♂️ Sales Questions 🛒 Shop HomeSeer Products

                Comment

                  #9
                  It's best to not expose ports to the internet until you have everything fully configured and locked down. The good news is they probably aren't looking for baby pictures.

                  Changing your IP won't help for long. I'm thinking putting the camera back up with a closeup picture of my buttcrack in front of the lens would be appropriate.


                  Edit: I think technically that would be a honeypot.

                  Comment

                    #10
                    They where connected also on hstouch , thanks to jon00 network and a script , i get trough the speakers a speech when Someone is connected to hstouch , so that was after i have seen That Someone took control of my camera.

                    I have a sunluxy camera pan tilt.

                    Regards


                    Originally posted by Rupp View Post
                    Did they come through HS3 or go directly to your cameras. I just bought a new Foscam two weeks ago and within 10 minutes of turning in one someone was controlling it. There's was a firware fix for this. What kind of cameras do you use?





                    Sended from far far away
                    Preferred -> Jon's Plugins, Pushover, Phlocation, Easy-trigger,
                    Rfxcom, Blade Plugins, Pushbullet, homekit, Malosa Scripts



                    HS3Pro 4.1.14.0 on windows 10 enterprise X64 on hp quadcore laptop 8 GB.

                    Comment

                      #11
                      Good idea but not in the babyboom haha

                      Originally posted by mikaluch View Post

                      Changing your IP won't help for long. I'm thinking putting the camera back up with a closeup picture of my buttcrack in front of the lens would be appropriate.


                      Edit: I think technically that would be a honeypot.





                      Sended from far far away
                      Preferred -> Jon's Plugins, Pushover, Phlocation, Easy-trigger,
                      Rfxcom, Blade Plugins, Pushbullet, homekit, Malosa Scripts



                      HS3Pro 4.1.14.0 on windows 10 enterprise X64 on hp quadcore laptop 8 GB.

                      Comment

                        #12
                        ++ relating to what Mike is posting.

                        It is easier too to create a VPN IPSec connection to the outside client whatever it is.

                        This way you do not have to open up the firewall.
                        - Pete

                        Auto mator
                        Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb

                        HS4 Pro - Ubuntu 22.04 / Lenova Tiny M900 / 32Gb Ram
                        HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11
                        X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant

                        Comment

                          #13
                          Hi pete ,

                          I need to see how to do that , i maybe give iT a try.

                          But again today , i enable my camera again for my baby to monitor for a sec , so he was sleeping, after 2 minutes i login my phone directly and my camera turns arround and stupid Chinese start streaming and my baby woke up , so i know they monitoring me , i directly changed my password.


                          Originally posted by Pete View Post
                          ++ relating to what Mike is posting.

                          It is easier too to create a VPN IPSec connection to the outside client whatever it is.

                          This way you do not have to open up the firewall.





                          Sended from far far away
                          Preferred -> Jon's Plugins, Pushover, Phlocation, Easy-trigger,
                          Rfxcom, Blade Plugins, Pushbullet, homekit, Malosa Scripts



                          HS3Pro 4.1.14.0 on windows 10 enterprise X64 on hp quadcore laptop 8 GB.

                          Comment

                          Previous template Next
                          Working...
                          X