Looks like the protocol was not designed for TCP. The fourth byte appears to be a fragmentation flag.
Tiger: not after two years. It involved changing the ntpd config.
But seriously, the best way to reverse engineer that DVR would be to poke it in various ways and see how it responds. Replay the first packet, send a keepalive every 20 seconds, and see when it sends alarm packets.
Tiger: not after two years. It involved changing the ntpd config.
But seriously, the best way to reverse engineer that DVR would be to poke it in various ways and see how it responds. Replay the first packet, send a keepalive every 20 seconds, and see when it sends alarm packets.