Blue Iris hacked?

[Q™]

@Warsaws - I'm not sure I follow how a VPN will solve the problem. He has someone randomly connecting to his server. The VPN will only be effective if he first blocks all internet access to the box and then permits the VPN traffic to it...

We're speaking of the member's port 80 traffic, correct? If yes then kampstra is correct imo; unless the member specifically closes his port 80 WAN traffic, running a VPN won't stop BGs from hacking away at his HTTP port.

Hacker ==>

 

[bp2008]

If he has Blue Iris, he has a powerful windows box, which is more than adequate to run a VPN server (like OpenVPN!) on. Heck, Windows even has a simple VPN server built in, though it is hard to configure last I checked. Anyway, it should go without saying that after getting a VPN working you would remove the port forwarding rules that expose cameras and/or Blue Iris.

 

[Warsaws]

Now I'm confused. That's back to what I've always done.

 

[kampstra]

In networking there are always multiple ways to do something, some are quick and easy and some require some extra leg work. The approach I mentioned to add a static route is a simple way to quickly block someone that is hacking your box. It's not a long term fix. If they are on a dynamic IP then the next time they reboot their cable modem/router they likely get a new IP address and will be back in your server. The best approach is to block all internet traffic to the server and use a secure tunnel with some kind of VPN (SSL, TLS, IPSEC) to secure remote access. This does require some additional software/hardware that is capable of hosting the secure connection and any remote clients will also need to be capable of supporting tunneling which means more leg work. I don't disagree that this approach is more secure and sustainable, it's just more leg work to setup and configure all the devices.

 

[switchman]

use a VPN and your BlueIris server wont need to be exposed to the internet..

What nayer said.