Network risk after removing IP camera

[Me1ab]

Hello,

I'm new to home security and IP cameras and am thinking of getting one. I've read a few articles about them being hacked and possibly being backdoors due to the firmware written by third parties.

I would like to know what risk is there to a network if I only use the camera intermittently? What I mean is, is my network only at risk when the camera is connected to it and once I put it back in the box, everything is ok? Or can it be an attack vector to my router where a back door can be placed on the router regardless of whether or not the camera is still on the network.

Maybe I can mitigate some of the hacker risk by not using it all the time?

Thanks


Sent from my iPhone using Tapatalk

 

[cdltech]

Anytime you open ports on your router. You are less secure than if you had everything blocked.
I've had open ports on mine before. I don't anymore. I and many others use VPN. There are routers that have built in VPN service. That seems to be the easiest route. There are ways to do it for free using Linux. Though that takes quite a bit to setup. Depending on your technical ability.

To answer your question specifically. If the camera is accessible to the Internet. It can be an attack vector. Flaws in the firm of anything can be an attack vector. The best we all can do is keep our devices updated with the most recent firmware.

 

[cdltech]

The VPN solution is only if you want to access the camera or network from outside your network.

 

[Joe11]

One option that I think may work is to create separate LANs, using two separate routers. So, even if you get hacked because of the open ports, only the LAN with the open ports get hacked (the 2nd router, with all your other devices should not have any open ports). I keep the NVR/cameras on a separate LAN. So, worst case scenario, somebody can get into my NVR, and see the outside of my house.
Devices on one LAN can't talk to devices on the other (the way it is set up on my network).

> Gateway to Router1/LAN1, and Gateway to Router2/LAN2 should be safe
> Gateway to Router1/LAN1 and Router1/LAN1 to Router2/LAN2 should be safe as long as your LAN1 has only the cameras. LAN2 can see LAN1, but LAN1 can't see LAN2 (unless you open ports on Router2)

I'm not an expert by any means, so if somebody has suggestions/corrections, please share