Zondeminder portal hacked/breached

Forum for questions and support relating to the 1.34.x releases only.
Post Reply
marcot
Posts: 7
Joined: Sun Jan 23, 2022 7:16 pm

Zondeminder portal hacked/breached

Post by marcot »

Dear forum users,

Our Zoneminder portal was breached/hacked or something els went wrong. Our admin user password was gone.
Our ZOneminder is accessible to the internet, so everybody was able to loging and look at our camera's.

I have some questions regarding this :

1. Is there a log on the server where we can check that if a client has access to the portal, what system / camera's they looked into ?
2. Is two factor authentication supported for login?
3. Is it possible to have camera streams available on the internet, but the webportal only from the internal LAN ? Now everyone in the world can access the webportal.

All reactions are very much welcome.
User avatar
iconnor
Posts: 3197
Joined: Fri Oct 29, 2010 1:43 am
Location: Toronto
Contact:

Re: Zondeminder portal hacked/breached

Post by iconnor »

1. If this is a ubuntu/debian system, then
Apache should be logging all requests in /var/log/apache2/access.log or other_vhosts_access.log

2. We do not support 2 factor authentication at this time.

#3. Technically yes. You would use a reverse proxy and only forward /cgi-bin urls.
marcot
Posts: 7
Joined: Sun Jan 23, 2022 7:16 pm

Re: Zondeminder portal hacked/breached

Post by marcot »

Hi,

Thanks you for answering question 2 and 3.

We are using a older version of Zoneminder, v1.32.3.
There was no topic with 1.32.x, so I posted this here, I hope that is not an issue.

Zoneminder v1.32.3 uses httpd and webserver, or atleast the version we are using.

Any idea where the httpd logging is located?
Is there logging that show if a user is logged in, to what systems they have access to ?
pimehexon
Posts: 7
Joined: Wed Jan 12, 2022 2:55 pm

Re: Zondeminder portal hacked/breached

Post by pimehexon »

Does changing password help to log out all existing users or not?
dougmccrary
Posts: 1322
Joined: Sat Aug 31, 2019 7:35 am
Location: San Diego

Re: Zondeminder portal hacked/breached

Post by dougmccrary »

Does changing password help to log out all existing users or not?
Not by itself - but it will make it harder for them to re-connect.
marcot
Posts: 7
Joined: Sun Jan 23, 2022 7:16 pm

Re: Zondeminder portal hacked/breached

Post by marcot »

Thank you for the info.
Post Reply