Configuring Date/Time
- Thread starter MacFun
- Start date
Kitsap
Getting the hang of it
This works for me. I am in the US and on the West coast.
Attachments
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
I run a local NTP server on my LAN all my cams sync to. It’s pretty easy to setup a local private one on Windows or Linux.
You can use 0.us.pool.ntp.org if in the US to connect to a random USA NTP pool. The clock.isc.org doesn’t work last I checked.
You can use 0.us.pool.ntp.org if in the US to connect to a random USA NTP pool. The clock.isc.org doesn’t work last I checked.
You should be isolating your cams from the internet. Running your own time server allows you to point each cam to your time server and not have them accessing the internet.
Agreed, I think my 5231 can hit the internet..... I'll look for the cliff notes.... just removing the gateway breaks the connection? Or, do you get fancy with Vlans or does your router have separate physical port...? I know this should be hardened. I need to reeducate myself. I did create strong credentials...... So if it is available to the world what's the typical risk? That they could hack in and see my feed? Or, something more ominous?
Thanks!
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
@samplenhold nailed it. Plus running my own I know it works all the time and all the cameras are synced. Using a generic NTP could be a problem if there was a pool failure and I never noticed and the cameras got out of sync. Its a slim chance, of course, but if you need to submit video footage to the authorities having cameras in time sync goes a long way to help the DA.
Hackers gain access to your cams. They usually could care less about the video. They install bots and use your hardware and bandwidth for DOS and other bad things.
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
Not port forwarding to your cameras is a major step to "beefing up" your security.. You need to use a VPN to connect to your cameras when outside your network. Next step is to isolate the the cameras (or the subnet they are located in) so that they can't phone home.
It's not so much anyone seeing your feed. They couldn't care less about that. They use these cameras (and IoTs in general) as huge botnet attacks.
Right, I did not port-forward any cams..... but I also did not do anything special to stop them form phoning home. as I recall. Should I just remove the gateway info or the DNS settings in the cam. I'll look for a cliff note on this.
SouthernYankee
IPCT Contributor
Please read the IP Cam Talk Cliff Notes and other items in the IP Cam Talk Wiki. (read on a real computer, not a phone). The wiki is in the blue bar at the top of the page.
Read How to Secure Your Network (Don't Get Hacked!) in the wiki also.
Read How to Secure Your Network (Don't Get Hacked!) in the wiki also.
Mike A.
Known around here
- May 6, 2017
- 4,015
- 6,757
Some won't let you leave the gateway/DNS blank. If so, then you can almost always set it to the IP of the cam itself or some other nonexistent IP on your net. That doesn't guarantee that some other 'rogue' method might not be used to find a gateway out. You also should block by IP/MAC on your router/firewall if you can. Note the latter may affect incoming remote access to the cam.
tibimakai
Known around here
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
tibimakai
Known around here
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
tibimakai
Known around here
I'm a Mac user that does have a Pi Zero running as a PiHole, what's the optimal time serving scenario. Let it piggy-back on any computer that is normally on and that has a UPS? Or, a dedicated Raspberry Pi? Or, something else?
biggen
Known around here
- May 6, 2018
- 2,688
- 3,060
Use the same Pi you are using for PiHole. It should be as simple as
sudo apt install ntp. Then point some clients to the RPi and see if they begin syncing with it.Cool beans! My Pi is sitting on a dining room chair with no UPS backup and connects WiFI only, but okay. When a cam restarts does it lose time completely?