TechBlog

Teknik och filosofi

DNS bug in ESCAM Ant QF605

en kommentar

I recently bought a cheap IP camera from China, the ESCAM Ant QF605. I have bought cheap Chinese stuff before, and generally they have decent hardware but really crappy software.

The QF605 was no exception.

The software is a cloud based app for Android phones, and is supposed to “just work”. But it didn’t. The application reported that the camera was “successfully registered”, but then “offline” when I tried to connect to it.

After leaving the camera on for the night I was able to successfully connect to it. But after a reboot the “offline” problem was back.

As always, I turned to Whireshark to see what was going on. The problem is that the camera is WiFi-only so I had to configure a monitor port in my switch and listen to the access point traffic. But after that the problem was obvious.

The camera successfully receives an IP address from my DHCP server in my router. The DHCP offer contains two DNS server of my Internet Provider.

image

The problem is that these DNS-server was only used initially (packet 566-575 below), but after that the camera tries to use the gateway as DNS-server (packet 590-940 below).

image

Home routers normally sets itself as a DNS server for the DHCP clients on the network, but this camera apparently REQUIRES that your router is your DNS-server.

Since I have a competent router I just entered a custom NAT-rule to forward incoming DNS-requests to a external server, a sort of DNS-proxy.

After that everything works as expected.

image

Av kalle

december 28th, 2015 at 1:40 e m

En kommentar to 'DNS bug in ESCAM Ant QF605'

Prenemurera på kommentarer via RSS eller TrackBack till 'DNS bug in ESCAM Ant QF605'.

  1. I just ordered one of these cameras, and plan to set it up so I can use it for remote monitoring of my home. You saved me from much confusion and frustration. Thank you very much for sharing this.

    Ran Talbott

    11 Jul 16 at 03:28

Kommentera