I have a Wyze Cam V2 with firmware version 18.104.22.168. My network security configuration allows for GeoIP blocking, and as such, I do not allow access to and from my network to specific countries. I have noticed, however, that my Wyze Cam is constantly and consistently attempting connections to 22.214.171.124 (appears to be a Chinese address) over UDP 10001. I only noticed this due to my GeoIP blocking, so I have not had a chance to capture the network traffic long enough to determine what other connections, both successfully or unsuccessfully, are occurring. Even before I go that route, can someone validate that this traffic is “normal”, and even so, is there anything that can be done to eliminate the traffic from attempting overseas connections?
After doing a packet capture from my gateway, I noticed that the camera attempts UDP 10001 connections to the following IPs:
My security configuration was only keying in on 126.96.36.199, as it is in China.
I will tag some devs on your post so they can address your concerns.
We limit all the streaming traffic within North America servers except for camera registration, which we intend to fix it in the next release. Do you remember what you were using in the app that could cause connecting to foreign IPs?
I haven’t done anything except set it up per the camera’s instructions. My network is pretty locked down, so if it is not supposed to be attempting outbound to the address I noted, I too would be interested in knowing what is going on. I actually received two more cameras today, so I can let you know if the same issue occurs.
I believe this this the heartbeat to connect to servers of our connections service. We will check with our service provider and get back on this. Thanks!
We will check with our service provider and get back on this. Thanks!
It’s been 29 days. Is there any updates on this? Thanks
I’m seeing Cam Pan (ver 188.8.131.52) with sensor bridge (ver 0.0.0.30) attempting to connect to 184.108.40.206 (Taiwan) and 220.127.116.11 (China).
That’s weird as I also track all connectivity attempts from/to any devices in my networks and I’ve only seen wyze connect to domestic/us aws nodes with an occasional hit to ones in Canada. The only other anomaly was actually today when one of the cams attempted to access an isp connection point in Miami which did not come back as aws so I blocked it when I got the alert. I’ve never had any of the 4 wyze cams I’m running try to connect to China (but every single one of my 24 dahau and hikvision ip cams immediately try multiple ports at multiple ip’s all in China as soon as they power up)
I ran my camera on a separate wireless network which is connected through a PC with two NICs and logged the connections from the camera for a short period of time. The following are all the servers that it connected to.
DestinationAddress DestinationPort Connections WhoisOrganization
18.104.22.168 123 4 National Institute of Standards and Technology (NIST)
22.214.171.124 443 6 Amazon Technologies Inc. (AT-88-Z)
126.96.36.199 8443 6 Amazon Technologies Inc. (AT-88-Z)
188.8.131.52 8443 2 Amazon Technologies Inc. (AT-88-Z)
184.108.40.206 8443 4 Amazon Technologies Inc. (AT-88-Z)
220.127.116.11 8883 2 Amazon Technologies Inc. (AT-88-Z)
18.104.22.168 10001 4 OVH Hosting, Inc. (HO-2)
22.214.171.124 10001 4 Leaseweb USA, Inc. (LU)
126.96.36.199 10001 4 Nobis Technology Group, LLC (NTGL)
188.8.131.52 10240 4 Beijing Jingdong 360 Degree E-commerce Co., Ltd.
184.108.40.206 10240 4 FDCservers.net (FDCSE)
220.127.116.11 10240 4 FDCservers.net (FDCSE)
I’m running the latest firmware which is 18.104.22.168. The camera is a WYZE Cam v2.
Someone from WYZE, please explain what these servers are. In particular, I would like to know what the Chinese server is being used for, but, also the other non-Amazon servers. What are ports 10001 and 10240 used for?
Note, the Android app connects to the same Chinese server that the camera does.