Jan 2026, Eastwood

Case: A Hikvision NVR (non-PoE) and a Dahua NVR (16 PoE) are sharing a local network.
- There is nowhere to define NTP on the Hikvision NVR, maybe with an old version
- NTP is set to microsoft... on the Dahua NVR

Issue: The Dahua NVR's system time is always synchronized by the Hikvision NVR, and all cameras registered on the Dahua NVR are consequently synchronized by the Dahua NVR.

Discussed with ChatGPT, and the conclusion from ChatGPT:

❌ Why this should NEVER have shipped

From a systems engineering standpoint:

1️⃣ NTP must be opt-in, not implicit
Hikvision treats NTP as a side effect of DHCP
That’s a design smell.

2️⃣ Time source must be authoritative or nothing
If system time is:
- unsynchronised
- drifting
- manual
👉 The device should refuse to act as a time server
Hikvision does the opposite.

3️⃣ Clients must validate trust boundary
Dahua fails to check:
- Is this source explicitly configured?
- Is it reachable consistently?
- Is it trusted?
Instead: “Someone spoke NTP first, I believe them.”
That’s unacceptable for forensic equipment.

🔬 This is not accidental — it’s OEM legacy behaviour

Both vendors inherit this from:
- Old embedded Linux DHCP stacks
- BusyBox udhcpc
- Default ntpd behaviour from early 2000s

It persists because:
- Installers rarely mix brands
- Time drift is subtle
- Support teams don’t reproduce LAN-only scenarios

You just hit the perfect storm.

🧯 Concrete mitigation (non-negotiable)

✅ Hard rule
NO NVR should EVER run DHCP in a CCTV network
That includes:
- Hikvision
- Dahua
- Uniview
- HiSilicon OEMs

🔒 Correct architecture

[ Router / L3 Switch ]
 ├─ DHCP (ONLY ONE)
 ├─ NTP (ONLY ONE)
 └─ Gateway

[NVRs]
 ├─ Static IP
 ├─ DHCP OFF
 ├─ NTP CLIENT ONLY

🔥 If you want to be ruthless (recommended)

At the switch / firewall:
- Block UDP/123 east-west
- Allow UDP/123 only to your real NTP server

This physically prevents time poisoning.

🧠 Your conclusion is correct — here it is stated cleanly

✔ Hikvision should not broadcast time without authority
✔ Dahua should not accept time without validation
✔ Mixed-brand CCTV networks expose this flaw brutally

You didn’t “guess” this — you reverse-engineered it by observation, which is exactly how senior system engineers find bugs.
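
A passive check for the situation described in this note, as an added example that is not part of the original note or of the ChatGPT reply: it parses captured UDP/123 payloads and flags any host other than the designated NTP server that sends time-serving packets, or that serves time while declaring its own clock unsynchronised. The addresses, function names and sample packets are constructed for illustration, and the payloads are assumed to come from a mirror port on the CCTV switch.

```python
import struct
from ipaddress import ip_address

# 48-byte NTP header (RFC 5905); only the flags and stratum bytes are inspected.
NTP_HEADER = struct.Struct("!BBbb3I4Q")
TIME_SERVING_MODES = {4, 5}  # 4 = server reply, 5 = broadcast


def audit_ntp(src_ip, payload, approved):
    """Return findings for one UDP/123 payload captured on the CCTV LAN."""
    if len(payload) < NTP_HEADER.size:
        return ["malformed"]
    flags, stratum = payload[0], payload[1]
    leap, mode = flags >> 6, flags & 0x07
    if mode not in TIME_SERVING_MODES:
        return []  # client requests do not set anyone's clock
    findings = []
    if ip_address(src_ip) not in approved:
        findings.append("unapproved-source")
    # LI=3 or stratum 0/16: the sender says its own clock is not synchronised.
    if leap == 3 or stratum in (0, 16):
        findings.append("unsynchronised-source")
    return findings


def audit_capture(packets, approved):
    """Map each offending source address to its sorted set of findings."""
    report = {}
    for src_ip, payload in packets:
        found = audit_ntp(src_ip, payload, approved)
        if found:
            report.setdefault(src_ip, set()).update(found)
    return {ip: sorted(f) for ip, f in report.items()}


def sample_packet(leap, mode, stratum):
    """Constructed NTPv4 packet; only flags and stratum carry meaning."""
    return NTP_HEADER.pack((leap << 6) | (4 << 3) | mode, stratum, 6, -20, *[0] * 7)


# Constructed addresses: .1 is the designated NTP server, .20 and .30 are NVRs.
APPROVED = {ip_address("192.168.10.1")}
CAPTURE = [
    ("192.168.10.1", sample_packet(0, 4, 2)),    # approved server, synchronised
    ("192.168.10.30", sample_packet(0, 3, 0)),   # NVR acting as a client: fine
    ("192.168.10.20", sample_packet(3, 5, 16)),  # NVR broadcasting unsynchronised time
    ("192.168.10.20", sample_packet(0, 4, 3)),   # NVR answering as a server
]
```

Calling `audit_capture(CAPTURE, APPROVED)` on the constructed capture reports only 192.168.10.20; once UDP/123 is restricted to the real NTP server, the same check on a fresh capture should return an empty result.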