hmjgriffon
Known around here
VPN Gives you full remote access to your NVR w/out any requirement that your NVR has internet connectivity, as long as your VPN Server does.
yeah, you could block it too, why not.
VPN Gives you full remote access to your NVR w/out any requirement that your NVR has internet connectivity, as long as your VPN Server does.
Nope - this 'backdoor' isn't some built-in spyware or malware chatting to it's C&C server - it was (is) a high-level access vulnerability.I thought the backdoor allowed the camera to call out \ aka phone home...so port FWD would not make a difference for that correct?
Or is the BD issue not what i'm thinking?
for what purpose? are you forwarding ports from the internet directly to your cameras? backdoor or not, the standard best practice would make it a non issue.
The victims of this backdoor are people that don't know how to secure their cameras.
I totally agree and that's how I have my network secured and TBH it's a pain in the backside but since this system is used by an elderly couple adding the extra VPN step would be a big ask and a tech support nightmare. Plus I think I would have to change out their router as it doesn't support PPTP dialin VPN.
So If anyone can suggest an app for android that will handle the dialling of the VPN on the users behalf I'd like to know.
It's all well and good preaching VPN! VPN!, but until people like us make this stuff "iphone easy" then people are just going to port forward.
Zeddy means that the people don't want to use a vpn because on android there is no easy way without starting the tunnel by hand. And it prevents to get push notifacations. For this you need the p2p or port forwarding.
Anyway, first I would say, keep the firmware up to date, and don't use Chinese market firmwares! Dahua is working on these problems, and solved all vulnerability in the past months.
I don't want to mess around another discussion about the benefits of vpn vs p2p, closing everything is nice, but not on every condition possible. I need to think about all the port forwarding for exchange and all the home automatisation stuff... or the bunch of routers with many more security problems.
And preventing the cams to access Internet needs to remove dns entries. This is complicated, you will lose email announcements and maybe some more.
I would say, everyone should decide what security level he needs, and then he can use several ways to achieve his goals. But if he doesn't use vpn it sometimes sounds here like he is a stupid idiot.
For me my security concept is fine, although I use p2p and port forwarding and vpn. I explained my concept at vpn primer for noobs, and the answers are speaking for themselves.
Did you try it? The cam needs to contact the app. How should it be possible without Internet connection at the moment of alarm activity between app and cam.
No, they have "solved" the KNOWN published vulnerabilities..you are very naive. You are a stupid idiot if you port forward these cameras...there is no reason you need to port forward for push or email notifications...Zeddy means that the people don't want to use a vpn because on android there is no easy way without starting the tunnel by hand. And it prevents to get push notifacations. For this you need the p2p or port forwarding.
Anyway, first I would say, keep the firmware up to date, and don't use Chinese market firmwares! Dahua is working on these problems, and solved all vulnerability in the past months.
I don't want to mess around another discussion about the benefits of vpn vs p2p, closing everything is nice, but not on every condition possible. I need to think about all the port forwarding for exchange and all the home automatisation stuff... or the bunch of routers with many more security problems.
And preventing the cams to access Internet needs to remove dns entries. This is complicated, you will lose email announcements and maybe some more.
I would say, everyone should decide what security level he needs, and then he can use several ways to achieve his goals. But if he doesn't use vpn it sometimes sounds here like he is a stupid idiot.
For me my security concept is fine, although I use p2p and port forwarding and vpn. I explained my concept at vpn primer for noobs, and the answers are speaking for themselves.
No, they have "solved" the KNOWN published vulnerabilities..you are very naive. You are a stupid idiot if you port forward these cameras...there is no reason you need to port forward for push or email notifications...
Also you CAN use tasker to automate the vpn on android..this has been discussed many times.
Have Tasker automatically connect/disconnect your VPN connection
Of course it works with an active vpn tunnel, but on mobile devices it's not active all time long. At screen off the tunnel is closed and then you can't receive push notifications.works for me, I'm not understanding why the app would not be able to talk to it through the VPN but it can outside of the VPN, it should be able to.
Of course it works with an active vpn tunnel, but on mobile devices it's not active all time long. At screen off the tunnel is closed and then you can't receive push notifications.
I haven't adviced to use port forwarding. Please read carefully.No, they have "solved" the KNOWN published vulnerabilities..you are very naive. You are a stupid idiot if you port forward these cameras...there is no reason you need to port forward for push or email notifications...
Also you CAN use tasker to automate the vpn on android..this has been discussed many times.
Have Tasker automatically connect/disconnect your VPN connection