Like Tree7Likes

Hikvision Cameras - A Security Threat?

Reply
Page 3 of 4 FirstFirst 1 2 3 4 LastLast
  1. #21

    Join Date
    Aug 2006
    Posts
    9,811
    Quote Originally Posted by freeier
    if the content of things that the camera can send out is so sensitive such that china government would find them useful, then having someone that doesn't understand how to block those signals from going out would be the reckless behavior..
    Sending video streams out is not the security concern. That would be incredibly easy to spot as bandwidth usage would go through the roof. It would be like your home wifi coming to a grinding halt- you'd poke around a bit then realise that one of your neighbours was leeching and watching HD video via your connection.

    The concern is that the devices could be used to gain further access to the internal network. i.e. they provide backdoors.

  2. #22

    Join Date
    Sep 2011
    Posts
    15
    Quote Originally Posted by jgl
    By running Wireshark?

    Iptables and logging as I didn't trust some dodgy camera I bought off ebay.

    I didn't do any packet analysis. Perhaps it was broadcasting upnp to take control!

  3. #23

    Join Date
    Aug 2006
    Posts
    9,811
    Quote Originally Posted by Galvs
    Iptables and logging as I didn't trust some dodgy camera I bought off ebay.

    I didn't do any packet analysis. Perhaps it was broadcasting upnp to take control!
    Nice. I ran wireshark when I first got my dodgy Chinese gear in for similar reasons of paranoia.
    Last edited by jgl; 22-05-2019 at 07:44 PM.

  4. #24

    Join Date
    Dec 2010
    Posts
    2,956

    @jgl

    any other suggestions than this? I need something for home port mirroring.

    https://hken.rs-online.com/web/p/pro...E&gclsrc=aw.ds


  5. #25

    Join Date
    Aug 2006
    Posts
    9,811

    Huh, of you can find a managed switch for 400, grab it

    Why do you need port mirroring? That's very niche.


  6. #26

    Join Date
    Dec 2010
    Posts
    2,956

    for wireshark to make sure some rsync packets going out are really encrypted

    how would you do it?


  7. #27

    Join Date
    Aug 2006
    Posts
    9,811

    Just run it in promiscuous mode, I don't think you need to port mirror.

    shri likes this.

  8. #28

    Join Date
    Dec 2010
    Posts
    2,956

    Well

    1) I only have a unmanaged switch at home

    2) I'm trying to capture traffic from the synology and I don't think I can put the synology NIC into promiscuous mode


  9. #29

    Join Date
    Dec 2010
    Posts
    2,956

    heck I haven't even been using a switch for quite some time since my fiber entry point is right near the door versus near the office and multimedia area so I've been running primarily wireless now.


  10. #30

    Join Date
    Aug 2006
    Posts
    9,811
    Quote Originally Posted by chichow
    Well

    1) I only have a unmanaged switch at home

    2) I'm trying to capture traffic from the synology and I don't think I can put the synology NIC into promiscuous mode
    Way late on replying to this because I missed it, but you don't put the Synology NIC into promiscuous, you do it to the machine running Wireshark.

Reply
Page 3 of 4 FirstFirst 1 2 3 4 LastLast