[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y ] [Home]
4chanarchives logo
Hi /g/, I recently purchase a cheapish IP camera off Amazon
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.

You are currently reading a thread in /g/ - Technology
Thread replies: 13
Thread images: 2
Anonymous
2016-05-15 12:27:33 Post No. 54559853
[Report] Image search: [Google]
File: IP_Security_Cameras[1].jpg (160 KB, 550x573) Image search: [Google]
IP_Security_Cameras[1].jpg
160 KB, 550x573
Anonymous 2016-05-15 12:27:33 Post No. 54559853 [Report]
Hi /g/,

I recently purchase a cheapish IP camera off Amazon which is pretty good apart from one thing, the login/ menu/ GUI isn't HTTPS.

How much of a security issue is this if my general network security is bretty good to start with?

Also IP security general. Not enough of these threads.

Pic related: a pretty sweet set up.
>>
Anonymous 2016-05-15 13:13:30 Post No.54560325
[Report]
Anonymous 2016-05-15 13:13:30 Post No.54560325 [Report]
>>54559853
It's fine unless it faces the internet.
>>
Anonymous 2016-05-15 13:53:14 Post No.54560701
[Report]
Anonymous 2016-05-15 13:53:14 Post No.54560701 [Report]
Just join it to the open webcams group.
>>
Anonymous 2016-05-15 14:04:33 Post No.54560810
[Report]
Anonymous 2016-05-15 14:04:33 Post No.54560810 [Report]
>>54560325
And if it does face the internet, is this an inherent risk if the admin username and password are changed from default?
>>
Anonymous 2016-05-15 14:31:25 Post No.54561071
[Report]
Anonymous 2016-05-15 14:31:25 Post No.54561071 [Report]
>>54560810
so long as you protect against bruteforce attacks
>>
Anonymous 2016-05-15 14:39:52 Post No.54561187
[Report]
Anonymous 2016-05-15 14:39:52 Post No.54561187 [Report]
>>54559853
I have all my cameras connected to a separate firewalled PC with 2 network interfaces.
The PC also runs a VPN client to allow for secure remote access.

Don't trust the camera firmware. It's usually proprietary and especially cheap ones are known to phone home aggressively.
>>
Anonymous 2016-05-15 14:41:31 Post No.54561211
[Report]
Anonymous 2016-05-15 14:41:31 Post No.54561211 [Report]
>>54561187
>>54559853
P.S. If it's just 1 or 2 cameras, a Raspberry Pi 2 is enough. Just add a second network interface.

Alternatively you can use a cheap WiFi router with OpenWRT. Make sure it allows firewalling by physical port tho
>>
Anonymous 2016-05-15 14:43:02 Post No.54561241
[Report]
Anonymous 2016-05-15 14:43:02 Post No.54561241 [Report]
>>54560810
If it does face the internet, do not log into it from outside your network. Inside your network is fine as long as you trust every single other client on that network.
You can easily install an SSL reverse proxy on your network though and access it externally through that.
>>
Anonymous 2016-05-15 14:46:03 Post No.54561284
[Report] Image search: [Google]
Anonymous 2016-05-15 14:46:03 Post No.54561284 [Report]
File: 712xWCAMkHL._SL1600_.jpg (156 KB, 864x951) Image search: [Google]
712xWCAMkHL._SL1600_.jpg
156 KB, 864x951
>>54561241
Good advice but
>Inside your network is fine
yes, if you don't allow the camera to connect to the outside world.

Pic related, firewall log caused by the popular Foscam C1.
>>
Anonymous 2016-05-15 14:54:18 Post No.54561401
[Report]
Anonymous 2016-05-15 14:54:18 Post No.54561401 [Report]
>>54561284
There's no security issue with using http for an internet facing client as long as the credentials are sufficiently complex, rate limiting is in place, and no authentication is performed on untrusted networks.
Spam in logs is not a security issue and is going to happen whether you use SSL or not.
>>
Anonymous 2016-05-15 14:58:46 Post No.54561468
[Report]
Anonymous 2016-05-15 14:58:46 Post No.54561468 [Report]
>>54561401
>Spam in logs is not a security issue
The camera connects to remote servers if you don't explicitly firewall its outgoing traffic.
How is this not a security issue?
>>
Anonymous 2016-05-15 15:03:46 Post No.54561549
[Report]
Anonymous 2016-05-15 15:03:46 Post No.54561549 [Report]
>>54559853
>the login/ menu/ GUI isn't HTTPS.
so run it behind an https server, duh

https://www.nginx.com/resources/admin-guide/reverse-proxy/
>>
Anonymous 2016-05-15 15:57:20 Post No.54562255
[Report]
Anonymous 2016-05-15 15:57:20 Post No.54562255 [Report]
>>54561468
That has nothing to do with the login page using SSL or not
Thread replies: 13
Thread images: 2
banner
banner
[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Home]
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
If a post contains personal/copyrighted/illegal content you can contact me at [email protected] with that post and thread number and it will be removed as soon as possible.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com, send takedown notices to them.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.