Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsHome Workshop DIYWireless IP camera - how secure is it from unauthorised access


Circumspice
663 posts

Ultimate Geek

Trusted
Lifetime subscriber

# 255504 14-Aug-2019 20:32
Send private message quote this post

I've just got a wireless IP camera (SANNCE Home Security IP Camera) in my home garage to solve a classic 'external' access garage question of 'did I close the garage door'. 

 

It's connected to the wifi (fritzbox using WPA2 network key). 

 

The app associated with the camera (Joylite) shows the camera's view of the garage, live, regardless of what network my phone is connected to (mobile network 4g, my work's wifi etc). I haven't set up any port forwarding.

 

 

 

So I no longer have to head outside to have a look at the garage. 

 

But the spectre of another problem has arisen: is my camera another netcam that's on the likes of shodan.io and viewable to the world??

Filter this topic showing only the reply marked as answer Create new topic
15247 posts

Uber Geek

Trusted
Subscriber

  # 2299446 14-Aug-2019 20:36
3 people support this post
Send private message quote this post

Don't make the camera available on the internet, make it available only on your LAN. Set up a VPN from your phone (or anywhere else) to your Fritzbox, effectively putting your phone on the LAN, where you can securely view the camera. I say how I did it in this thread.



Circumspice
663 posts

Ultimate Geek

Trusted
Lifetime subscriber

  # 2299448 14-Aug-2019 20:44
Send private message quote this post

Thanks

 

If I've understood correctly, those steps help to secure how my phone views the camera.

 

 

 

The next question: can any one else can access the camera as it is set up currently? i.e. without my phone.

 

By the way, I linked the camera to my phone by using the app on my phone to scan the QR code on the camera. Can anyone else view the camera without going through the QR code step?

 
 
 
 


15247 posts

Uber Geek

Trusted
Subscriber

  # 2299449 14-Aug-2019 20:46
Send private message quote this post

You haven't fully understood. You don't make your camera available on the internet, you just make it available on the local network. Cameras aren't automatically available on the internet, this has to be enabled by port forwarding or software built into the camera. Just keep it on the LAN, and get yourself remote LAN access.

BDFL - Memuneh
64690 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 2299467 14-Aug-2019 20:55
One person supports this post
Send private message quote this post

From the OP, seeing you didn't create any port forward then the camera should be safe.

 

From the OP description (app, no port forwarding) it seems the stream goes from the camera to the cloud servers and from the app to these same servers - similar to Ring devices. 




Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

 

 

4533 posts

Uber Geek

Trusted

  # 2299472 14-Aug-2019 21:07
Send private message quote this post

But even though that better than port forwarding or other things it could do. It relies on the cloud server being secure and maintained.

The only 100% way to secure it is not allow any internet access (ie block the camera from the internet). Which will stop the app from working.




Previously known as psycik

OpenHAB: Gigabyte AMD A8 BrixOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Xiaomi Humidity and Temperature sensors and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 10 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

15247 posts

Uber Geek

Trusted
Subscriber

  # 2299475 14-Aug-2019 21:26
One person supports this post
Send private message quote this post

davidcole: But even though that better than port forwarding or other things it could do. It relies on the cloud server being secure and maintained.

The only 100% way to secure it is not allow any internet access (ie block the camera from the internet). Which will stop the app from working.

 

I have a wireless IP camera that works just fine on my LAN without any internet access - I blocked it at the router. If i want to view it externally I VPN into my LAN.



Circumspice
663 posts

Ultimate Geek

Trusted
Lifetime subscriber

  # 2299476 14-Aug-2019 21:26
Send private message quote this post

Thanks both.

 

timmmay is right that I haven't understood, but I understand now.

 

freitasm on to something - it depends on the security of the SANNCE cloud servers.

 

So those unsecured netcams generally have port forwarding set up?

 
 
 
 


BDFL - Memuneh
64690 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 2299479 14-Aug-2019 21:30
Send private message quote this post

paulchinnz:

 

freitasm on to something - it depends on the security of the SANNCE cloud servers.

 

So those unsecured netcams generally have port forwarding set up?

 

 

Generally, yes,




Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

 

 



Circumspice
663 posts

Ultimate Geek

Trusted
Lifetime subscriber

  # 2299483 14-Aug-2019 21:37
Send private message quote this post

Thanks all.

 

 

 

@timmmay, I think the reason for my non-understanding is misinterpretation of your first post:

 

I read "Don't make the camera available on the internet, make it available only on your LAN. Set up a VPN from your phone ..."

 

as "Make your camera available only on your LAN by setting up a VPN from your phone..."

4533 posts

Uber Geek

Trusted

  # 2299511 15-Aug-2019 06:27
Send private message quote this post

timmmay:

davidcole: But even though that better than port forwarding or other things it could do. It relies on the cloud server being secure and maintained.

The only 100% way to secure it is not allow any internet access (ie block the camera from the internet). Which will stop the app from working.


I have a wireless IP camera that works just fine on my LAN without any internet access - I blocked it at the router. If i want to view it externally I VPN into my LAN.



Exactly. Sorry so if blocking the camera from the internet the app may or may not work locallly. But won’t by the internet unless you work out some sort of vpn access to your network




Previously known as psycik

OpenHAB: Gigabyte AMD A8 BrixOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Xiaomi Humidity and Temperature sensors and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 10 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

Filter this topic showing only the reply marked as answer Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Arlo unveils its first video doorbell
Posted 21-Oct-2019 08:27

New Zealand students shortlisted for James Dyson Award
Posted 21-Oct-2019 08:18

Norton LifeLock Launches Norton 360
Posted 21-Oct-2019 08:11

Microsoft New Zealand Partner Awards results
Posted 18-Oct-2019 10:18

Logitech introduces new Made for Google keyboard and mouse devices
Posted 16-Oct-2019 13:36

MATTR launches to accelerate decentralised identity
Posted 16-Oct-2019 10:28

Vodafone X-Squad powers up for customers
Posted 16-Oct-2019 08:15

D Link ANZ launches EXO Smart Mesh Wi Fi Routers with McAfee protection
Posted 15-Oct-2019 11:31

Major Japanese retailer partners with smart New Zealand technology IMAGR
Posted 14-Oct-2019 10:29

Ola pioneers one-time passcode feature to fight rideshare fraud
Posted 14-Oct-2019 10:24

Spark Sport new home of NZC matches from 2020
Posted 10-Oct-2019 09:59

Meet Nola, Noel Leeming's new digital employee
Posted 4-Oct-2019 08:07

Registrations for Sprout Accelerator open for 2020 season
Posted 4-Oct-2019 08:02

Teletrac Navman welcomes AI tech leader Jens Meggers as new President
Posted 4-Oct-2019 07:41

Vodafone makes voice of 4G (VoLTE) official
Posted 4-Oct-2019 07:36


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.