I have a VPN setup; but how do I confirm my IPC has no web access?

Discussion in 'Networking' started by buckfast, Jul 16, 2019.

Share This Page

  1. buckfast

    buckfast Getting the hang of it

    Joined:
    Nov 24, 2016
    Messages:
    124
    Likes Received:
    15
    From reading the cliff notes, it is stated that the gateway address on IPCs should be left blank so that the cam cannot have internet access. Upon logging into my cam, I cant delete this address. Am I interpreting this correctly?

    Also, I have a VPN setup up on my home router, with a client installed on my android phone. When away from house, I can view the live feed from my cams when I activate the VPN client, and the feed drops when I close the VPN client. Does this mean that my network is relatively secure?

    Essentially what I am asking is how would you recommend somebody with only very basic networking knowledge to do a security level check on their system? Is there some methods to follow to verify for example, that I am not port forwarding (I dont think that I am) etc?


    Hope I am making some sense here. thanks
     
  2. alastairstevenson

    alastairstevenson Staff Member

    Joined:
    Oct 28, 2014
    Messages:
    11,223
    Likes Received:
    3,574
    Location:
    Scotland
    A quick and easy method is to use one of the many free services that attempt inbound access from the internet and show the results.
    Try the 'all service ports' option of ShieldsUp! for example : GRC | ShieldsUP! — Internet Vulnerability Profiling

    **edit** Also - access the cameras web GUI and the router web ADMIN and ensure that UPnP is not enabled.
     
    aristobrat, mat200 and buckfast like this.
  3. JNDATHP

    JNDATHP Pulling my weight

    Joined:
    Oct 16, 2018
    Messages:
    256
    Likes Received:
    178
    Location:
    USA
    Another way to determine if your camera has access to the Internet is to set the NTP (time service) to a public NTP server. Change the time in the camera to something that is noticeably wrong and set the NTP interval to its minimum, usually a minute. If it doesn’t change its time to the correct time, your camera is good.

    In my setup, all network services, including P2P and upnp are disabled. Only tcp/ip is enabled.
     
  4. civic17

    civic17 Getting the hang of it

    Joined:
    Dec 7, 2018
    Messages:
    87
    Likes Received:
    31
    Location:
    Canada
    Without internet access the cams can't do push alerts to the IDMSS app correct? Does enabling push alerts first have it push to dahua servers in china then to the phone app?
     
  5. mikeynags

    mikeynags Pulling my weight

    Joined:
    Mar 14, 2017
    Messages:
    183
    Likes Received:
    114
    Location:
    CT - the tax you to death state
    Push alerts should not be going to China. Is this iOS or Android?
     
  6. catcamstar

    catcamstar Getting comfortable

    Joined:
    Jan 28, 2018
    Messages:
    961
    Likes Received:
    583
    For push notifications to work, you need TCP/2195 (outbound!) open.
     
  7. civic17

    civic17 Getting the hang of it

    Joined:
    Dec 7, 2018
    Messages:
    87
    Likes Received:
    31
    Location:
    Canada
    How else would the app receive the alerts when you are not at home or if not connected to VPN?