Like Tree7Likes

Hikvision Cameras - A Security Threat?

Reply
Page 3 of 4 FirstFirst 1 2 3 4 LastLast
  1. #21
    jgl
    jgl is offline

    Join Date
    Aug 2006
    Posts
    10,261
    Quote Originally Posted by freeier:
    if the content of things that the camera can send out is so sensitive such that china government would find them useful, then having someone that doesn't understand how to block those signals from going out would be the reckless behavior..
    Sending video streams out is not the security concern. That would be incredibly easy to spot as bandwidth usage would go through the roof. It would be like your home wifi coming to a grinding halt- you'd poke around a bit then realise that one of your neighbours was leeching and watching HD video via your connection.

    The concern is that the devices could be used to gain further access to the internal network. i.e. they provide backdoors.

  2. #22

    Join Date
    Sep 2011
    Posts
    25
    Quote Originally Posted by jgl:
    By running Wireshark?

    Iptables and logging as I didn't trust some dodgy camera I bought off ebay.

    I didn't do any packet analysis. Perhaps it was broadcasting upnp to take control!

  3. #23
    jgl
    jgl is offline

    Join Date
    Aug 2006
    Posts
    10,261
    Quote Originally Posted by Galvs:
    Iptables and logging as I didn't trust some dodgy camera I bought off ebay.

    I didn't do any packet analysis. Perhaps it was broadcasting upnp to take control!
    Nice. I ran wireshark when I first got my dodgy Chinese gear in for similar reasons of paranoia.
    Last edited by jgl; 22-05-2019 at 07:44 PM.

  4. #24

    Join Date
    Dec 2010
    Posts
    3,344

    @jgl

    any other suggestions than this? I need something for home port mirroring.

    https://hken.rs-online.com/web/p/pro...E&gclsrc=aw.ds


  5. #25
    jgl
    jgl is offline

    Join Date
    Aug 2006
    Posts
    10,261

    Huh, of you can find a managed switch for 400, grab it

    Why do you need port mirroring? That's very niche.


  6. #26

    Join Date
    Dec 2010
    Posts
    3,344

    for wireshark to make sure some rsync packets going out are really encrypted

    how would you do it?


  7. #27
    jgl
    jgl is offline

    Join Date
    Aug 2006
    Posts
    10,261

    Just run it in promiscuous mode, I don't think you need to port mirror.

    shri likes this.

  8. #28

    Join Date
    Dec 2010
    Posts
    3,344

    Well

    1) I only have a unmanaged switch at home

    2) I'm trying to capture traffic from the synology and I don't think I can put the synology NIC into promiscuous mode


  9. #29

    Join Date
    Dec 2010
    Posts
    3,344

    heck I haven't even been using a switch for quite some time since my fiber entry point is right near the door versus near the office and multimedia area so I've been running primarily wireless now.


  10. #30
    jgl
    jgl is offline

    Join Date
    Aug 2006
    Posts
    10,261
    Quote Originally Posted by chichow:
    Well

    1) I only have a unmanaged switch at home

    2) I'm trying to capture traffic from the synology and I don't think I can put the synology NIC into promiscuous mode
    Way late on replying to this because I missed it, but you don't put the Synology NIC into promiscuous, you do it to the machine running Wireshark.

Reply
Page 3 of 4 FirstFirst 1 2 3 4 LastLast