I am convinced that I DONT need a seperate VPN to remotely view my BI software screen and camera feeds !!!
Background
So you want to connect remotely to your Blue Iris & cameras at home via eg teamviewer, chrome remote desktop app or Microsoft Remote desktop. You should first should setup a vpn (virtual private network) then you can safely remote access. A VPN provides secure access control encrypting all the network traffic it carries so you can securely access your cctv remotely. Most of you use free openvpn on Asus router. Theres a massive section here on vpns : VPN Primer for Noobs
The main problem.
Hackers dont want your video feeds, they want an always on linux box with decent internet connectivity that can be used to attack targets on the internet.. they want to turn your camera into a weapon of mass destruction.
But..................................... is a vpn really necessary?
Teamviewer has had over 2 billion installations on devices has had no issues (since 2016 anyway ) plus it has its own VPn add on.
Chrome remote desktop
Chrome Remote Desktop is secure and safe. All remote sessions are AES encrypted over a secure SSL connection, which means your data is protected while you remotely access your computer. Additionally, when granting access to Chrome Remote Desktop, you must generate an expiring access code and provide that to the other user.
While Chrome Remote Desktop is secure, the privacy of your data is only as strong as the security practices you use and your computer. Weak passwords, reused PINs, lax security practices and already-vulnerable machines may compromise the privacy and security of your data. How to Use Chrome Remote Desktop for Business - businessnewsdaily.com
Navs input..............................(He discusses home viewing to see work cameras at workplace but can be done work to home of course, teamviewer Ms remote or Chrome remote)
Hi Guys
So far I have gathered that majority here are proponents of following connection model to connect to BI from say home to camera feeds in the target network.
Configuration Setup: OpenVPN + Router Configuration inc dyndns and port forwarding, generating OpenAm key files along with userid and password, reduced traffic speed due to VPN encryption
But I believe there is a simpler and equally secure method to achieve the same and NOOBs will like it. I wanted to check with you guys if you can find any loophole in this method.
1) I have installed Blue Iris on a computer in the remote network - in the same LAN as my camera feeds.
2) Then I installed Teamviewer unattended access server on that computer and marked it a trusted device in my teamviewer account protected by a really long and complex password.
3) Then I went home, logged into the teamviewer client from home, marked my home laptop "trusted" as well and then connected with the Teamviewer unattended access server on the remote computer with BI running on it - all that without doing any port forwarding and confusing dyndns and vpn setups. And I was able to watch the screenshare of the remote BI computer on my home laptop.
What I know about the pros of this method so far.
Nav
Background
So you want to connect remotely to your Blue Iris & cameras at home via eg teamviewer, chrome remote desktop app or Microsoft Remote desktop. You should first should setup a vpn (virtual private network) then you can safely remote access. A VPN provides secure access control encrypting all the network traffic it carries so you can securely access your cctv remotely. Most of you use free openvpn on Asus router. Theres a massive section here on vpns : VPN Primer for Noobs
The main problem.
Hackers dont want your video feeds, they want an always on linux box with decent internet connectivity that can be used to attack targets on the internet.. they want to turn your camera into a weapon of mass destruction.
But..................................... is a vpn really necessary?
Teamviewer has had over 2 billion installations on devices has had no issues (since 2016 anyway ) plus it has its own VPn add on.
Chrome remote desktop
Chrome Remote Desktop is secure and safe. All remote sessions are AES encrypted over a secure SSL connection, which means your data is protected while you remotely access your computer. Additionally, when granting access to Chrome Remote Desktop, you must generate an expiring access code and provide that to the other user.
While Chrome Remote Desktop is secure, the privacy of your data is only as strong as the security practices you use and your computer. Weak passwords, reused PINs, lax security practices and already-vulnerable machines may compromise the privacy and security of your data. How to Use Chrome Remote Desktop for Business - businessnewsdaily.com
Navs input..............................(He discusses home viewing to see work cameras at workplace but can be done work to home of course, teamviewer Ms remote or Chrome remote)
Hi Guys
So far I have gathered that majority here are proponents of following connection model to connect to BI from say home to camera feeds in the target network.
Configuration Setup: OpenVPN + Router Configuration inc dyndns and port forwarding, generating OpenAm key files along with userid and password, reduced traffic speed due to VPN encryption
But I believe there is a simpler and equally secure method to achieve the same and NOOBs will like it. I wanted to check with you guys if you can find any loophole in this method.
1) I have installed Blue Iris on a computer in the remote network - in the same LAN as my camera feeds.
2) Then I installed Teamviewer unattended access server on that computer and marked it a trusted device in my teamviewer account protected by a really long and complex password.
3) Then I went home, logged into the teamviewer client from home, marked my home laptop "trusted" as well and then connected with the Teamviewer unattended access server on the remote computer with BI running on it - all that without doing any port forwarding and confusing dyndns and vpn setups. And I was able to watch the screenshare of the remote BI computer on my home laptop.
What I know about the pros of this method so far.
- both computers need to be trusted to communicate with each other and to do that one would need my long complex TV password. No other computer with TV on it can connect to my TV server without being trusted in my TV account. if someone can hack that password then they can very well get into my Windows laptop as well as that has a similar variation of the same length and complexity password.
- TV's marvelous proprietary protocol encrypts all the traffic and also handles NAT routing with help from TV's central servers and uses UDP ports, hence no DYNDNS required to be setup in this method (which takes its own sweet time to propagate through the DNS system when the IP of remote router changes)
- Read about TV's protocol here - What is the difference between TeamViewer and RDP?
- Teamviewer has had over 2 billion installations on devices has had no issues (since 2016 anyway) plus it has its own TeamViewer built-in VPN service that allows you to connect to a device to share windows file shares and to share printers. You may read about it here About TeamViewer VPN
- This setup is unaffected by life events like changing your broadband provider, changing your internet router, adding any wifi AP/repeaters in the middle etc etc..
Nav