{"id":423,"date":"2021-12-15T18:31:25","date_gmt":"2021-12-15T18:31:25","guid":{"rendered":"https:\/\/netcelero.com\/?p=423"},"modified":"2022-01-24T10:43:37","modified_gmt":"2022-01-24T10:43:37","slug":"take-control-of-your-cctv-connectivity-top-tips-to-correctly-set-up-ip-cameras-2","status":"publish","type":"post","link":"https:\/\/netcelero.com\/take-control-of-your-cctv-connectivity-top-tips-to-correctly-set-up-ip-cameras-2\/","title":{"rendered":"Take Control of your CCTV Connectivity -Top Tips to Correctly Set Up IP Cameras"},"content":{"rendered":"\n
The proliferation of remotely accessible CCTV systems, and in particular the use of cheaper IP cameras is a game-changer for the security industry. They\u2019re cheaper, easy to install, and enable more premises to safely and remotely monitored 24\/7. But, with opportunity comes risk and almost every day there\u2019s a news report of IP cameras being turned into bots and used to spread malware. In short, the cameras need a connection that\u2019s up to the job.<\/p>\n\n\n\n
In this article, we talk about the Dynamic DNS settings in more detail and explore the right way to connect IP cameras.<\/p>\n\n\n\n
These IP cameras or DVRs\/NVRs are usually connected directly to the Internet. This brings a lot of responsibility in configuring these devices in a safe and secure way or else a hacker can get access to your network. Hackers can break your live remote monitoring\/recording, they can inject a ransomware to your network, which can freeze your business operations or steal critical data such as credit cards or bank accounts.<\/p>\n\n\n\n
These devices could even be the part of an internet flooding attack. As per the recent large scale CCTV hacks reported , hackers compromised 1000\u2019s of networked DVR\u2019s and CCTV cameras to do a massive DDoS attack which then brought down many Internet based services . The security side of CCTV cameras is always a hot topic, let\u2019s have a look at the security in remote monitoring. Dynamic DNS is a common term used in CCTV world for remote monitoring.<\/p>\n\n\n\n
Dynamic DNS is a service which allows the users to use a \u2018hostname\u2019 for remote connections instead of using a dynamically changing IP address. It maps a hostname to your IP address. The router on your network then periodically updates your IP to the Dynamic DNS service. So whenever your IP changes, the DNS also updates automatically. This means, even if your IP changes you still can connect to your network through that hostname.<\/p>\n\n\n\n
Just knowing the IP is not enough for remote connections, by default the built in network firewalls are set up to reject all incoming traffic. This can be bypassed by doing port forwards, but doing this can then expose your whole private network to a wide open internet.<\/p>\n\n\n\n
Many people think, it\u2019s easy to set up a DDNS and are unaware about any security implications in doing it without considering other factors. A simple example is configuring DDNS to a DMZ zone without implementing any level of security. This exposes the whole public facing services in that DMZ directly to the internet. It then attracts a bunch of hackers, as it gives them an indication that you have some public-facing services hosted on your network. And for them, instead of scanning a whole IP network , they can simply scan hostnames to see every open ports and finds any vulnerable services like Telnet , SSH , FTP , HTTP etc. Most of the passwords for these services could be hard-coded and can be easily hackable.<\/p>\n\n\n\n
Most of the CCTVs, DVRs\/NVRs in production are relying on this combination of Port forwarding and Dynamic DNS.<\/p>\n\n\n\n
Nowadays, DVRs usually come with their own dynamic DNS service and provide a dedicated DDNS portal for their customers. This helps users to set up their unique hostname without any hassle. However, it also opens many possibilities for hackers, as a little information gathering about the manufacturer would give them enough details about their standard port forwards, DDNS domain names etc.<\/p>\n\n\n\n
So each Dynamic DNS user has a unique hostname. Just an example for dyndns.net, the unique hostname for a user would be a subdomain to the main domain, so that\u2019s something like xxxx.dyndns.net.<\/p>\n\n\n\n