MrHappy Posted December 2, 2015 Posted December 2, 2015 cyber, clear some pm's as there something i wanna send you... Quote Mr Veritas God
norman Posted December 2, 2015 Posted December 2, 2015 Dirty boy. Quote Nothing is foolproof to a sufficiently talented fool.
datadiffusion Posted December 2, 2015 Posted December 2, 2015 I've not looked at Axis DVRs. IP cameras are not the worst but no better than Hikvision. Sorry, I meant the cams Surprised at that as they seem to offer a lot of seemingly esoteric security / IPsec options. Not that that makes them more secure by default, I know. And I've never used Hik IP so can't compare. Quote So, I've decided to take my work back underground.... to stop it falling into the wrong hands
sixwheeledbeast Posted December 2, 2015 Author Posted December 2, 2015 And just to give you an idea of costs and time - it would probably take about 5 days of work for me to say "This DVR with this given firmware in this configuration is secure enough to be on your network" with any level of confidence. If there all fitted to the same standard and specification, surely this would only need doing once for each model/firmware? Again I would expect the manufacturer to have had this done externally. I also agree with PJ about 1 and 2 being hard to implement on some networks. Point 3 should be done as standard for anyone with knowledge of setting up firewalls, however, someone with a network background would understand this in more depth than an alarm monkey. Quote
cybergibbons Posted December 3, 2015 Posted December 3, 2015 cyber, clear some pm's as there something i wanna send you... Done. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/
cybergibbons Posted December 5, 2015 Posted December 5, 2015 Sorry, I meant the cams Surprised at that as they seem to offer a lot of seemingly esoteric security / IPsec options. Not that that makes them more secure by default, I know. And I've never used Hik IP so can't compare. Yeah, they have a lot more functionality that should keep them secure, but they suffer from the same kind of issues (all running as root, vulnerable services, services you can't turn off etc) as the cheaper cams. One manufacturer put such strong legal threats out to a researcher that he pulled research and a talk - he won't say who it is though. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/
datadiffusion Posted December 5, 2015 Posted December 5, 2015 Interesting, thanks. Quote So, I've decided to take my work back underground.... to stop it falling into the wrong hands
cybergibbons Posted December 5, 2015 Posted December 5, 2015 If there all fitted to the same standard and specification, surely this would only need doing once for each model/firmware? Again I would expect the manufacturer to have had this done externally. I also agree with PJ about 1 and 2 being hard to implement on some networks. Point 3 should be done as standard for anyone with knowledge of setting up firewalls, however, someone with a network background would understand this in more depth than an alarm monkey. Yes, it would need doing once per model at least. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.