I have a VPN setup; but how do I confirm my IPC has no web access?

buckfast

Getting the hang of it
Joined
Nov 24, 2016
Messages
127
Reaction score
16
From reading the cliff notes, it is stated that the gateway address on IPCs should be left blank so that the cam cannot have internet access. Upon logging into my cam, I cant delete this address. Am I interpreting this correctly?

Also, I have a VPN setup up on my home router, with a client installed on my android phone. When away from house, I can view the live feed from my cams when I activate the VPN client, and the feed drops when I close the VPN client. Does this mean that my network is relatively secure?

Essentially what I am asking is how would you recommend somebody with only very basic networking knowledge to do a security level check on their system? Is there some methods to follow to verify for example, that I am not port forwarding (I dont think that I am) etc?


Hope I am making some sense here. thanks
 

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
12,110
Reaction score
3,964
Location
Scotland
Is there some methods to follow to verify for example, that I am not port forwarding (I dont think that I am) etc?
A quick and easy method is to use one of the many free services that attempt inbound access from the internet and show the results.
Try the 'all service ports' option of ShieldsUp! for example : GRC | ShieldsUP! — Internet Vulnerability Profiling

**edit** Also - access the cameras web GUI and the router web ADMIN and ensure that UPnP is not enabled.
 

JNDATHP

Pulling my weight
Joined
Oct 16, 2018
Messages
302
Reaction score
229
Location
USA
Another way to determine if your camera has access to the Internet is to set the NTP (time service) to a public NTP server. Change the time in the camera to something that is noticeably wrong and set the NTP interval to its minimum, usually a minute. If it doesn’t change its time to the correct time, your camera is good.

In my setup, all network services, including P2P and upnp are disabled. Only tcp/ip is enabled.
 

civic17

Getting the hang of it
Joined
Dec 7, 2018
Messages
150
Reaction score
52
Location
Canada
Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?
 

mikeynags

Getting comfortable
Joined
Mar 14, 2017
Messages
482
Reaction score
291
Location
CT
Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?
Push alerts should not be going to China. Is this iOS or Android?
 

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,137
Reaction score
722
Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?
For push notifications to work, you need TCP/2195 (outbound!) open.
 
Top