@calande 

calande wrote

Hello,

 

In the settings of my NVR, under "Login Exception", I have a "Max Allowed Attempts" field that I can fill out to prevent brute-force attack from cyber criminals trying to log in. The user's manual reads: "The NVR will be locked for 30 minutes if you enter the wrong password more than the specified attempts". Is the NVR inaccessible to any IP address? Or does it block access only to the IP address of the cyber criminal? Further, the manual adds "To unlock the NVR and try to log in again, power the NVR off then power it on", this means one would need physical access to the NVR (not possible when you're on the go...).

 

I'm asking because in case a cyber criminal targets the IP address of my NVR and decides to insist trying guessing the NVR password, using an automated script with a brute-force method, running non-stop, if the NVR blocks access for 30 minutes to all IP addresses every time someone tries 10x logging in to no avail, then basically, 99% of the time, the NVR will be inaccessible to the legitimate admin (who has the correct password).

 

I'm not in front of my NVR to test, so I need to ask here... Please tell me, this can't be true. The NVR only blocks access to that specific IP address, not to all IP addresses, right?

 

Thank you! 🙂

That'll be the times you set for the wrong password. After this threshold, you'll face the 30-minute lockdown. 

The device is still accessible on the network, or in your words, any IPs. 

The device does not have a function to block the brute-force attack source IP address. If you expose the NVR to the public network, it's your duty to keep it safe. This device serves as a LAN NVR. 

If you really expose it to the public network, which in your description, someone would attack it, you gotta add extra layers on your gateway or buy a DDOS protection. This is beyond what a network device is supposed to do. It is when the network security product fills in.