r/Network • u/Bravsma • 16d ago
Link Network scan found a security camera
I had my weekly Avast network scan today and it detected a new security camera. I live just one other person (family member) who I have a strained relationship with.
I have tried accessing the IP address of the camera directly but it shows a grey screen. MAC address shown in apparently one of those randomised ones.
Pictures attached to these post to show what I have described above.
How do I find out the location of the camera or what it is streaming/capturing?
Thanks in advance.
2
u/PriceyLigament 16d ago
Try blocking the IP on your router and see if your family member complains. That'll confirm if they put it there or if it's something else entirely.
2
u/LupercaniusAB 16d ago
Wouldn’t they just get around that by renewing the DHCP lease and getting a new local IP?
2
2
u/spitfireonly 16d ago
Snmp walk that bitch. See what you get. Some times the mac address OUI can be misleading. And also scan all ports on that IP using nmap.
See if you get any regular rtsp streams etc.
4
u/Wonderful_Tap_6991 16d ago
from cmd/terminal:
telnet 192.168.0.198 80
GET / HTTP/1.1 <enter>
Host: <enter>
<enter><enter>
hit ENTER twice afeter type .
It should give you some information, such as the web server version.
Or press F12 in your browser and look for the headers in the HTTP response.
1
u/Living_Fig_6386 16d ago
Does someone in the household (or a recent visitor have an Android phone, tablet, laptop, or tablet made by Huawei (or Honor)?
1
u/Bravsma 16d ago
Thanks everyone. I can confirm no Huawei phones or products in the household (at least none that I am aware of).
I will try all your suggestions and let you know what I find.
2
u/icehot54321 14d ago
I don't know that you can know it's a security camera .. but who knows.
I would find some tools to try and man in the middle the connection via arp spoofing and try and see what it is doing .. or just block it / change your password, etc.
1
u/MemeLordAscendant 16d ago
Ping it rapidly and use a deep metal pot around the router. It should give you a direction to go in.
1
1
u/vequalsir_ 14d ago
Does anyone in the household use a managed laptop from work? Mine identifies as a camera. This is because of the security software on the computer. ZScaler might be culprit.
1
1
u/bobdvb 13d ago
Given it says unknown name and unknown model, plus it hasn't shown you an ONVIF port, I don't think it's certain that it is a camera.
Avast is probably presuming it's a camera based on the MAC prefix. If the MAC is changing randomly then it could be that MAC prefix isn't relevant to the device.
90% this is another users phone or laptop which is set to randomise it's MAC.
1
1
u/bustedghost 12d ago
I'd see if I can view get to the image:
Run VLC
Media > Open Network Stream
rtsp://192.168.0.198/
Play
1
u/hyunjunaka0228 12d ago
I recommend you to scan all ports of that camera using NMAP in order to check whether there is a way to see where it is installed.
1
0
16
u/SpagNMeatball 16d ago
It is very unlikely that a camera would use a randomized MAC, the tool is probably just guessing. SNMP Does show as an available service, try an SNMPwalk tool to get more info.