Coderchimp: A chimp who codes.: Consumer Video Monitoring and Security

I recently had the opportunity to try out different cameras from Foscam, Amcrest and DLink.
What I found is that cameras are marketed using "security", but when it comes to network security they are not very secure.

They all use http for setup/admin.
They all report motion/audio events via ftp or smtp.

For those not in the network security world - ftp/http/smtp all send data in the clear over your network, you are now relying on the security of your physical or wifi network to protect your data.
One of the vendors has a laughable effort at "Security through obscurity" by making the http port 88 vs 80...
Command to look for open port 80 on a network

nmap -p80 192.168.1.0/24 --open

Command to look for 80 and 88 at the same time on a network

nmap -p80,88 192.168.1.0/24 --open

Yeah, somebody up to no good will never figure that out...

Coderchimp: A chimp who codes.

Wednesday, September 14, 2016

Consumer Video Monitoring and Security

Labels