Search results

It depends on your comfort level and willingness to learn. For me it was not overkill. My preference is to go with solutions that give me options, and I also prefer open source. I like PF because the source code is open and is heavily scrutinized. If you go with a system that is closed...

Couldn't you give them access to the web interface and limit the camera you want them to see based on their username in BI? "Share one of my camera streams" is pretty open-ended. Without an app, how would they process the stream?

I believe the VPN section you are accessing is for site-to-site VPN. You need remote access VPN. What other VPN choices does your router give?

I got the 3042 and I wish the starlight cameras were as available as they are now. I would go the starlight route if I were to do over. Don't get me wrong, I'm not dissatisfied at all with LTS or the 3042. I mistakenly thought more MP meant better picture. During the day that might be the...

Hopefully it gives the folks who say "I've got nothing to hide. Who cares if someone views my feed" something new to think about. They might care if it ruins their investment and they need to buy a new device.

Folks - be extremely careful with uPnP and port forwarding, and understand exactly which ports you have open to the internet. There is apparently a new bot similar to Mirai who's only goal is to intentionally brick your devices. Sometimes the changes are permanent. See the article below: New...

In the case of the good samaritan, it's a shame one has to second guess everything when doing the right thing should be a no-brainer.

I would not use SimpliSafe, nor would I recommend them to any of my family or friends. They designed their systems with no way to upgrade the firmware, and the technology is susceptible to a replay hack on the wireless arm/disarm commands. SimpliSafe brushed it off. There's a major, unfixable...

I use Keypass for personal use and Roboform for work use. The idea is that you use different passwords for everything in case one is compromised. Anything is better than using the same password for everything.

Your android phone would run the openvpn app in addition to the BI app. You run the openvpn app, connect, then run the BI app. As far as the BI app is concerned, you are connected to the LAN. The VPN software on your phone tunnels the BI communication into your network through the firewall.

Since you are using PFsense as your firewall/router, I strongly urge you to look into using OpenVPN rather than an inbound NAT. It is built-in and will provide much more security than the BI app will. You are essentially entrusting the security of your whole network and any device attached to...

Your best bet is to look at yard sales and classifieds and buy some older used equipment (router, switch, firewall, etc) and play around with it yourself. The best place to start in my opinion is one of the O'Reilly books. I used an older edition of this one when I first stared out: TCP/IP...

Thanks. I never thought to look there. Don't you have to install it to gain access to the help file?

Are there formal release notes for the updates? I know fenderman provides some basic ones on the forum, but I can't find anything on their website outside the "most recent features" bullet list. It would really help determine if an update should be installed or left go. If I missed it, my...

A US source for rebranded (I hope that's the right term) Hikvision cameras is LTS. PM forum user Milkisbad for more information on what LTS has to offer. This is the route I took and am very happy with the results. Great support as well. Like fundean, I went the dell optiplex route on ebay...

This is good to know. I have not used them in a year or two. Thanks for the education!

This site provides some reviews for public Certificate Authorities (CA): https://www.sslshopper.com/certificate-authority-reviews.html Verisign used to be the gold standard, but they were purchased by Symantec. Back in May there was some noise about their misuse of their signing authority to...

If you need the SSL certificate for encryption only, you can go the route nayr suggests, or google "self signed certificates" or "openssl". You can create your own for free. If you need both encryption and identity verification (public facing site), a good place to start might be...

It's not that hard if you think of your network like a castle. The router/firewall is the moat around the castle. In order to get inside the castle, you need to raise and lower the drawbridge. The VPN acts like a drawbridge. When you want to get into the network, you start your VPN on your...

Nest is uploading all the video then what you view is downloaded from them? That sounds awful to me. What is the selling point for something like that? I can't imagine what Nest is doing with everyone's videos they assimilate. It would freak me out. Do most people not realize that's what it...

Was it directly connected to or port forwarded to the internet?

Sorry, my question and comment was meant for the OP @PSPCommOp.

It looks like you are just blocking inbound port 80 to those cameras. What router/software is it and are you able to specify a port range, or use port 0? Something to think about, are you using NTP on the cameras and what do you have configured for a time server? You are also listing the...

I don't have experience with the Sricam app, but I do have experience with iphones and other apps that use local storage on the device. If it is an iphone, open itunes and have the phone connected to the computer. Click on your phone in itunes, then apps. At the bottom, you should see a list...

^^This. I do the same thing. Let them all get time info from one source on your network.

I'm glad you are taking the time to understand this BTW. It is critical to understand how this all works. Otherwise you open yourself up to the potential theft of personal information. Believe me, that is no fun.

Your router essentially has a clean side and a dirty side. The dirty side is the Internet, the clean side is your internal network. If you want to allow communication from the dirty side to the clean side, you need to create a path, like a drawbridge over a moat. The VPN service acts as that...

To view video from outside your network, there needs to be a way to gain entry. Sometimes people allow their equipment to be directly accessible from the outside world through port forwarding. Most routers allow for this, either manually or automatically through UPnP (Universal Plug-n-Play)...

Have you looked at implementing a VPN? OpenVPN is pretty awesome and it has clients for mobile devices as well as many OS. At the very least, can you change the port forward for the web port to something different for the time being?

For example, here is an article that discusses the hardcoded username/passwords pulled from the Mirai source code: https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/ There are several vendors listed there, all with the hardcoded root/admin backdoor credentials.