Comfort Home Automation/ Security System Forums Home
Home Search search Menu menu Not logged in - Login | Register

all user codes deleted on signin atempt
 Moderated by: admin
 New Topic   Reply   Printer Friendly 
 Rate Topic 
AuthorPost
 Posted: Friday Nov 29th, 2013 12:58 pm
   PM  Quote  Reply 
1st Post
agenor
Comfort Installers


Joined: Thursday Apr 21st, 2011
Location: Rijeka, Croatia
Posts: 86
Status: 
Offline

  back to top

Yesterday we experienced very strange behaviour on one of our installations.

The system is a 9000 ultra, with 3 SEMs and 3 LEMs (altogether 56 zones and only several home automation outputs for remote control), UCM/GSM, 1 KP06, and 1 KT03. Panel and every SEM has its own power supply and battery.

The system is configured via a UCM/Eth02 that we bring with us every time.

Previously to this problem the system had a series of problems with UCM/GSM and with occasional false alarms occuring from different PIR, smoke and window magnet sensors all around the house. False alarms occur from time to time and are not related to any single SEM, or part of the house, etc.

Yesterday, a housekeeper entered the house as usually, tried to key in his regular user code at the KT03, by the front door, but the panel did not accept it. It continued to count the entry delay time. The housekeeper went down the hall to the garage and tried to key in the same code at the KP06 in the garage, with the same result. After trying too many times, he triggered a signin tamper, approximately at the same time that the sirens started.

As the sirens kept sounding, and he couldn't disarm the system, he (I don't know how) simply bypassed all the zones in the house so the sirens stopped.

The next morning we came in to see what happened.

All user codes were deleted from the system. The two window magnet zones that previously made a false alarm now and again - were now permanently open (the zones are open although the windows are actually closed).
I cancelled the signin tamper using the default code *1234# twice.
We downloaded the event log and made a full backup of the panel (for analysis) and then made a partial download of the user codes back into the panel.

Then we tried to test the system. It was working, but it was very laggy and unresponsive. I.e. - I press the night mode, and then it takes about 5-10 seconds until the touch-screen announces the open zones, I press #, and again it takes about 5 seconds until it announces "Night mode". Then we deliberatly cause an alarm (open a window) and try to key in a user code. After keying in the correct code and pressing #, the sirens are still sounding. 2-3 seconds later, I key in the code again. The sirens are still sounding, the touchscreen says "Wrong code" and then, a second later, the sirens stop, and the system says "security off, thank you, goodbye". I suppose it's because the last digit of the code is 0, so it interpreted a "0" followed by a "#" as "security off" command and then command to stop talking.

Next, we try the same thing again, only, under intruder alarm, I key in the code only once. After about 10 seconds, the alarm stops, and system accepts the signin.

Then we try the same thing from the keypad in the garage (thinking that the lag may be caused by the touch screen unit), but it behaves the same.

Then we go to lunch and an hour later, everythings behaves perfectly??!!

Analyzing the event log, this is where the problems started:

11/27 14:17 Zone Activation # FrontDoor (7)
11/27 14:17 Alarm Type # EntryAlert (10)
11/27 14:17 Sign in - User # 2
11/27 14:18 Delete User # 0
11/27 14:18 Delete Message # All Mailboxes
11/27 14:18 Alarm Type # EntryWarning (21)
11/27 14:18 Alarm Type # Intruder (1)
11/27 14:18 Dial Number # 1
11/27 14:19 Dial Number # 2
11/27 14:19 Alarm Type # SigninTamper (31)
11/27 14:19 Alarm Type # SigninTamper (31)
11/27 14:19 Alarm Type # Intruder (1)
11/27 14:19 Zone Activation # GarageDr (11)
11/27 14:19 Alarm Type # SigninTamper (31)
11/27 14:19 Dial Number # 1
11/27 14:19 Alarm Type # SigninTamper (31)
11/27 14:19 Remote Signin - User # CMS Kissoff
11/27 14:20 Alarm Type # SigninTamper (31)
 


after this last line, comes another dozen of signin tampers then some intruder alarms, then bypassing of all the zones, occasional signintamper, dialling out to the monitoring centre, etc.

But look at the two lines "Delete User # 0" and "Delete Message # All Mailboxes". This is something that he surely didn't do. He hasn't got the clearance for that *and* he doesn't know how to do it. What happened at that moment is - the panel didn't accept his code and he went to the garage to try on another keypad. Going down that hallway there aren't any PIRs to trigger the alarm this whole space is entry zone (hallway between front door and garage, and the garage itself).

If you need a complete event log and/or panel backup, let me know, I can upload it for you.

Last edited on Friday Nov 29th, 2013 01:00 pm by agenor



 Posted: Saturday Nov 30th, 2013 03:24 am
   PM  Quote  Reply 
2nd Post
ident
Administrator


Joined: Wednesday Aug 9th, 2006
Location: Singapore
Posts: 3496
Status: 
Offline

  back to top

According to the event log, the front door was opened caung an entry alert

The user code 2 was entered but the system was not disarmed because the * key preceded the code eg *1234#  does not disarm the system, it goes into the user menu. This is because when the systtem is armed, you can enter the user code  to go into user menu to do something else besides disarm the system by pressing * code #

Delete User 0 means all the mailboxes were erased
This was most likely caused by pressing 9 for program menu, 5 for user codes, 0 to erase mailboxes and 1 to confirm, so ie 9501. Perhaps he or she may have been trying to enter the code again at that point and just entered  the sequence by mistake. You can repeat that sequence to show that this is what it does.

I dont know why the system would be unresponsive. Piossibly it may be due to some problem on the bus
You can run Comfort Bus Monitor from Tools and check if there are any errors on the bus. Peraps run overnight and save the results for analysis



 Posted: Saturday Nov 30th, 2013 08:41 am
   PM  Quote  Reply 
3rd Post
agenor
Comfort Installers


Joined: Thursday Apr 21st, 2011
Location: Rijeka, Croatia
Posts: 86
Status: 
Offline

  back to top

Thank you for a swift reply!
The housekeeper didn't enter the code with a leading * because he didn't know about it. He always uses nnnn#.
I entered *1234# the next day, twice, to cancel the signin tamper.
I will check about 9501.
If it is his code, then, obviously the system accepted his code the first time. Then - why did the system didn't disarm and how did a signin tamper happen?



 Posted: Saturday Nov 30th, 2013 09:30 am
   PM  Quote  Reply 
4th Post
ident
Administrator


Joined: Wednesday Aug 9th, 2006
Location: Singapore
Posts: 3496
Status: 
Offline

  back to top

He may not have known about the * key but hat does not mean he did no enter the * key

If you see the event log, he signed in successfully as user 2 BUT the system was not disarmed.  The only way that can happen is if there is * before the code
If he entered the code# without the * key the system would be disarmed

The system did accept his code the first time
The sign in tamper only happened later after he deleted all the mailboxes




 Posted: Saturday Nov 30th, 2013 12:10 pm
   PM  Quote  Reply 
5th Post
agenor
Comfort Installers


Joined: Thursday Apr 21st, 2011
Location: Rijeka, Croatia
Posts: 86
Status: 
Offline

  back to top

Ok, thanks again! We'll try to repeat the situation.



 Current time is 03:30 am
Top




UltraBB 1.172 Copyright © 2007-2014 Data 1 Systems