I have a VPN setup; but how do I confirm my IPC has no web access?

[buckfast]

From reading the cliff notes, it is stated that the gateway address on IPCs should be left blank so that the cam cannot have internet access. Upon logging into my cam, I cant delete this address. Am I interpreting this correctly?

Also, I have a VPN setup up on my home router, with a client installed on my android phone. When away from house, I can view the live feed from my cams when I activate the VPN client, and the feed drops when I close the VPN client. Does this mean that my network is relatively secure?

Essentially what I am asking is how would you recommend somebody with only very basic networking knowledge to do a security level check on their system? Is there some methods to follow to verify for example, that I am not port forwarding (I dont think that I am) etc?


Hope I am making some sense here. thanks

 

[alastairstevenson]

Is there some methods to follow to verify for example, that I am not port forwarding (I dont think that I am) etc?

A quick and easy method is to use one of the many free services that attempt inbound access from the internet and show the results.
Try the 'all service ports' option of ShieldsUp! for example : GRC | ShieldsUP! — Internet Vulnerability Profiling

**edit** Also - access the cameras web GUI and the router web ADMIN and ensure that UPnP is not enabled.

 

[JNDATHP]

Another way to determine if your camera has access to the Internet is to set the NTP (time service) to a public NTP server. Change the time in the camera to something that is noticeably wrong and set the NTP interval to its minimum, usually a minute. If it doesn’t change its time to the correct time, your camera is good.

In my setup, all network services, including P2P and upnp are disabled. Only tcp/ip is enabled.

 

[civic17]

Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?

 

[mikeynags]

Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?

Push alerts should not be going to China. Is this iOS or Android?

 

[catcamstar]

Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?

For push notifications to work, you need TCP/2195 (outbound!) open.

 

[civic17]

Push alerts should not be going to China. Is this iOS or Android?

How else would the app receive the alerts when you are not at home or if not connected to VPN?