Menu
What's new

How to setup DuckDNS?

M

Metallo

Getting the hang of it
Joined
May 18, 2023
Messages
28
Reaction score
25
Location
Canada
Hi guys,

I have spent all day trying to figure out why I cannot get my created domain to work.

What do I want to achieve? I want to enable https connection to my Lorex webservice so that when I want to connect to the webservice address remotely, from external computers, it is, say, more secure.

I also want to install a third party trusted certificate.

So, here is what I have created/installed so far on my W10:
  • I have created a duckDNS domain
  • Installed a DuckDNS Updater and populated it with domain and token
  • I have installed Certbot
I tried multiple time to get a CA Cetificate using cmd prompt, but without success.

When I try to hit the duckDNS domain I have created, it times out, which means I am doing something wrong with port forwarding.

I am not an IT guy, but at this point I need your help.

Thank you!
Alex
 
M

Metallo

Getting the hang of it
Joined
May 18, 2023
Messages
28
Reaction score
25
Location
Canada
Hi All,

I am afraid I have to give up, I think I have taken all the necessary steps, I have read dozens of pages on the internet, but still when I try to ping, my connection times out and fails.

Given that I cannot get it to work, I'd like to create at least a device certificate, but there is no documentation existing anywhere on how to fill out the following: so I do not know which format to use for the date or what to enter in the organization fields.

1688310611975.png

It looks to me Lorex is doing its best to prevent users to secure their system :)

Alex
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,907
Reaction score
21,293
Metallo said:
Hi All,

I am afraid I have to give up, I think I have taken all the necessary steps, I have read dozens of pages on the internet, but still when I try to ping, my connection times out and fails.

Given that I cannot get it to work, I'd like to create at least a device certificate, but there is no documentation existing anywhere on how to fill out the following: so I do not know which format to use for the date or what to enter in the organization fields.

View attachment 166758

It looks to me Lorex is doing its best to prevent users to secure their system :)

Alex
Click to expand...
Its a good thing that you cannot get it to work. (its not a lorex issue, its a user issue). However, you fundamentally misunderstand the benefits of https - it will provide almost no effective security against the type of attacks against cams...
 
wittaj

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
25,317
Reaction score
49,299
Location
USA
+1 on the above statements.

We see plenty of people come here after being hacked despite https being enabled.

It does absolutely nothing to prevent the backdoor vulnerabilities from being exploited.

Ironically, these types of "security" systems (cameras, NVRs) are not very secure from the internet.

Enabling HTTPS on public facing NVR or camera without thinking one step further can actually do an attacker a favor to be less detectable by you (as well as for ISPs where the traffic is passing thru) - all it does is make you feel more secure, but in reality has done nothing to make your system more secure.

You need to prevent the cameras and NVR from touching the internet via the methods above.

Anything else like P2P, port forwarding, scanning a QR code, etc. allows the vulnerabilities to be exploited whether https is enabled or not.
 
M

Metallo

Getting the hang of it
Joined
May 18, 2023
Messages
28
Reaction score
25
Location
Canada
Understood and thank you for the heads-up.

Unfortunately, my router does not support VPN, and I typically use Surfshark for all my other VPN needs.

The Primer page is a lot of reading...it will take me time to figure out how to do this.

Thank you
 
wittaj

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
25,317
Reaction score
49,299
Location
USA
Surfshark hides your IP for illegal streaming and porno LOL.

You need a free VPN you host. Either on the router or a computer or one hosted elsewhere with something like zerotier.
 
M

Metallo

Getting the hang of it
Joined
May 18, 2023
Messages
28
Reaction score
25
Location
Canada
wittaj said:
Surfshark hides your IP for illegal streaming and porno LOL.

You need a free VPN you host. Either on the router or a computer or one hosted elsewhere with something like zerotier.
Click to expand...
Well, for me is more for streaming with multiple countries, and it works well for my purpose.

I see Zerotier is free for individuals, that is a starting point, but again, I would need more a step by step guide rather than a forum thread, it is so much to learn for a non IT person :(
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,907
Reaction score
21,293
Metallo said:
Understood and thank you for the heads-up.

Unfortunately, my router does not support VPN, and I typically use Surfshark for all my other VPN needs.

The Primer page is a lot of reading...it will take me time to figure out how to do this.

Thank you
Click to expand...
If you car didnt support brakes would you drive it?
You actually dont need a router that supports vpn you can run it on a pc or similar device in your network. You should also consider using something like zerotier or tailscale
 
You must log in or register to reply here.
Top