Recent content by PiIot

Prepare for the worst, hope for the best

Right. If someone is able to crack your WPA2psk network, they're definitely going to have the tools to spoof a MAC.

Not trolling, I'm new here. Vulnerabilities of the hardware/firmware have never really worried me much as I can completely segregate the cams in their own VLAN and block all network access to/from them. I think an ethernet based cam using an rpi as a wifi bridge is the best option.

No, MAC addresses are easily spoofed

Seems pretty wild to me that a "security camera" wouldn't have the most secure methods of communication available to it - and no one seems to care. Now I might be assuming a little much here, but if I can use a rpi to connect to my 802.1x network, I can almost guarantee that the WNICs in most...

If you've figured out how to crack a 2048bit encrypted SSL cert, then my wifi network is the last thing you're going to be looking at lol. These things I'm worried about are all within my control and fairly simple to configure. Manufacturing processes aren't.

Oh there's always a chance that it gets cracked on the first attempt. What makes you think every brute force attack out there starts with 00000 and then tries 00001, 00002, 00003...? What if your neighbor saw you or someone connecting to your wifi and noticed the amount of digits you put in...

Watchdog alerts in blueiris. Also, if someone is coming to my house with a wifi jammer, they can just as simply put on a mask and knock my PoE cams off with a baseball bat. Watchdog push notification on my phone > call the police. That's about all you can do in that situation.

Best case scenario, sure. Worst case scenario though? They crack it on the first attempt. I'd rather there be no scenario at all and have the network un-crackable using EAP-TLS. I also would not prefer to give visiting guests a 20+ character randomized...

I guess I don't have as big of an issue with putting wifi devices like thermostats on the wpa2-psk ssid/vlan and segregating them off other than MQTT or TLS ports. How much access/damage could someone do if they got into your thermostat?

All it takes is time to crack wpa2-psk, and there are plenty of examples online of how to: How to Hack Wi-Fi: Cracking WPA2-PSK Passwords with Cowpatty Time isn't an issue with a nosy neighbor. Sure, you could rotate your PSK's once a month or so to lower your risk, but since that task would...

I have 8 poe cameras already. The camera angle I'm wanting is a 300ft+ run from my server cabinet. I'd rather not go through all the hassle doing that long of a cable run when I could get a wireless camera configured much easier. There are definite use cases for wireless cameras as much as...

Why are there no wireless 802.1x aka WPA2-Enterprise compatible cameras out there? Am I just not finding them? WPA2-PSK is vulnerable to many exploits both social and technical, and I'm surprised by the amount of people that are just OK with using it. Yes I can create a separate SSID and VLAN...