Secure Remote Viewing?

[ruppmeister]

How does everyone secure their remote viewing (HTTPS/SSL) to their camera setups?

When you view your Blue Iris or other software feed from your mobile or the web, is it really any more secure than if you are just port forwarding your cameras for direct viewing?

Just as background, I am using a Mac Mini running Sighthound. I currently connect to it via VPN from my phone before logging into Sighthound Server. This is a pain because I don't get alerts from the app if I'm not connected to the VPN. I also am restricted from viewing my camera feeds at work since I can't connect to the home VPN using the work machines.

So is everyone that connects to their cameras away from home doing it in a way that is more secure than transmitting your login information over HTTP?

And by the way, I don't care much if the stream is encrypted, but I don't want my username/password out there either.

 

[fenderman]

How does everyone secure their remote viewing (HTTPS/SSL) to their camera setups?

When you view your Blue Iris or other software feed from your mobile or the web, is it really any more secure than if you are just port forwarding your cameras for direct viewing?

Just as background, I am using a Mac Mini running Sighthound. I currently connect to it via VPN from my phone before logging into Sighthound Server. This is a pain because I don't get alerts from the app if I'm not connected to the VPN. I also am restricted from viewing my camera feeds at work since I can't connect to the home VPN using the work machines.

So is everyone that connects to their cameras away from home doing it in a way that is more secure than transmitting your login information over HTTP?

And by the way, I don't care much if the stream is encrypted, but I don't want my username/password out there either.

With respect to blue iris, this is from the help file
"When you have selected Secure Only on the Options/Webserver page, you are presented with a Blue Iris login page instead of the browser's own username/password form. When this login page is used, your user name and password are NOT sent to the Blue Iris web server. A secure hash (encryption) is created from a combination of these credentials and a unique session key."
You can use stunnel of you want to encrypt the video itself..
Also, if you chose to use a vpn, you would still get alerts even when you are not connected to the vpn...

 

[ruppmeister]

I guess this is a good thing for those that are using Blue Iris, not so much of use for those of us that are using other software/solutions.

I will have to give stunnel a try on my Mac to see if I can get it up and working in conjunction with Sighthound. Might be the only way to get secure login working without the use of my VPN.

Thanks!

 

[fenderman]

I guess this is a good thing for those that are using Blue Iris, not so much of use for those of us that are using other software/solutions.

I will have to give stunnel a try on my Mac to see if I can get it up and working in conjunction with Sighthound. Might be the only way to get secure login working without the use of my VPN.

Thanks!

You can contact the folks at sighthound and ask them if they implement some sort of encryption..

 

[ruppmeister]

Yup, did that. Here is what they said:

At this time remote access only uses HTTP. This is no different for users who would normally forward their IP cameras out of their network. I don't know of any cameras which are https enabled by default. That being said we have been working on adding HTTPS and hope to have it in the near future.

Until Sighthound implements something for HTTPS I will have to look for other ways to do it safe.