Dear forum users,
Our Zoneminder portal was breached/hacked or something els went wrong. Our admin user password was gone.
Our ZOneminder is accessible to the internet, so everybody was able to loging and look at our camera's.
I have some questions regarding this :
1. Is there a log on the server where we can check that if a client has access to the portal, what system / camera's they looked into ?
2. Is two factor authentication supported for login?
3. Is it possible to have camera streams available on the internet, but the webportal only from the internal LAN ? Now everyone in the world can access the webportal.
All reactions are very much welcome.
Zondeminder portal hacked/breached
Re: Zondeminder portal hacked/breached
1. If this is a ubuntu/debian system, then
Apache should be logging all requests in /var/log/apache2/access.log or other_vhosts_access.log
2. We do not support 2 factor authentication at this time.
#3. Technically yes. You would use a reverse proxy and only forward /cgi-bin urls.
Apache should be logging all requests in /var/log/apache2/access.log or other_vhosts_access.log
2. We do not support 2 factor authentication at this time.
#3. Technically yes. You would use a reverse proxy and only forward /cgi-bin urls.
Re: Zondeminder portal hacked/breached
Hi,
Thanks you for answering question 2 and 3.
We are using a older version of Zoneminder, v1.32.3.
There was no topic with 1.32.x, so I posted this here, I hope that is not an issue.
Zoneminder v1.32.3 uses httpd and webserver, or atleast the version we are using.
Any idea where the httpd logging is located?
Is there logging that show if a user is logged in, to what systems they have access to ?
Thanks you for answering question 2 and 3.
We are using a older version of Zoneminder, v1.32.3.
There was no topic with 1.32.x, so I posted this here, I hope that is not an issue.
Zoneminder v1.32.3 uses httpd and webserver, or atleast the version we are using.
Any idea where the httpd logging is located?
Is there logging that show if a user is logged in, to what systems they have access to ?
Re: Zondeminder portal hacked/breached
Does changing password help to log out all existing users or not?
-
- Posts: 1322
- Joined: Sat Aug 31, 2019 7:35 am
- Location: San Diego
Re: Zondeminder portal hacked/breached
Not by itself - but it will make it harder for them to re-connect.Does changing password help to log out all existing users or not?
Re: Zondeminder portal hacked/breached
Thank you for the info.