• Setting up a webcam - security implications

    From GB@21:1/5 to All on Sat Sep 3 19:17:27 2022
    Just for fun, I have set up a webcam here on my Pi.

    I've gone into the router settings and 'forwarded the port'.

    I just wondered whether there are any security implications of having
    done this? It's the first time I have ever done anything like this.

    The Pi has a new installation of Debian, without any personal data at
    all on it.

    There are several other devices on the network: 2 ipads, 2 android
    phones, and a W10 laptop.

    Thanks for any help.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burns@21:1/5 to All on Sat Sep 3 19:50:58 2022
    GB wrote:

    I've gone into the router settings and 'forwarded the port'.
    I just wondered whether there are any security implications of having done this?

    Anyone who knows* your IP addr and the relevant port number (wild-assed guess 8081) can watch through your camera ...


    [*] and all the kiddies who just guess swathes of IP addrs from a virtual machine in a foreign datacentre paid for by a stolen credit card ...

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GB@21:1/5 to Andy Burns on Sat Sep 3 20:36:04 2022
    On 03/09/2022 19:50, Andy Burns wrote:
    GB wrote:

    I've gone into the router settings and 'forwarded the port'. I just
    wondered whether there are any security implications of having done this?

    Anyone who knows* your IP addr and the relevant port number (wild-assed
    guess 8081) can watch through your camera ...

    Oh, is that the biggest worry? At the moment, it's pointed at the shop
    across the road.

    I planted a couple of beans we found in a field, and they have sprouted.
    I was thinking of pointing it at those instead. Either way, it's not a
    problem.





    [*] and all the kiddies who just guess swathes of IP addrs from a
    virtual machine in a foreign datacentre paid for by a stolen credit card
    ...

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to Andy Burns on Sat Sep 3 20:18:42 2022
    Andy Burns <usenet@andyburns.uk> writes:
    GB wrote:

    I've gone into the router settings and 'forwarded the port'. I just
    wondered whether there are any security implications of having done
    this?

    Anyone who knows* your IP addr and the relevant port number
    (wild-assed guess 8081) can watch through your camera ...


    [*] and all the kiddies who just guess swathes of IP addrs from a
    virtual machine in a foreign datacentre paid for by a stolen credit
    card ...

    It will probably show up on https://www.shodan.io/ l-)

    --
    https://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burns@21:1/5 to All on Sun Sep 4 07:49:14 2022
    On 03/09/2022 20:36, GB wrote:

    Andy Burns wrote:

    Anyone who knows* your IP addr and the relevant port number (wild-assed guess
    8081) can watch through your camera ...

    Oh, is that the biggest worry?

    I planted a couple of beans we found in a field, and they have sprouted. I was
    thinking of pointing it at those instead. Either way, it's not a problem.

    if your beanshoots go viral they could suck all your bandwith

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jeff Gaines@21:1/5 to All on Sun Sep 4 07:31:49 2022
    On 04/09/2022 in message <jnj03bFc9o2U1@mid.individual.net> Andy Burns
    wrote:

    On 03/09/2022 20:36, GB wrote:

    Andy Burns wrote:

    Anyone who knows* your IP addr and the relevant port number (wild-assed >>>guess 8081) can watch through your camera ...

    Oh, is that the biggest worry? I planted a couple of beans we found in a >>field, and they have sprouted. I was thinking of pointing it at those >>instead. Either way, it's not a problem.

    if your beanshoots go viral they could suck all your bandwith

    Are viral beanshoots the same as GM beanshoots?

    --
    Jeff Gaines Dorset UK
    It may be that your sole purpose in life is to serve as a warning to others.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Sun Sep 4 13:49:33 2022
    On 03/09/2022 19:17, GB wrote:
    Just for fun, I have set up a webcam here on my Pi.

    I've gone into the router settings and 'forwarded the port'.

    I just wondered whether there are any security implications of having
    done this? It's the first time I have ever done anything like this.

    The Pi has a new installation of Debian, without any personal data at
    all on it.

    There are several other devices on the network: 2 ipads, 2 android
    phones, and a W10 laptop.

    Thanks for any help.



    Have you got a username and password for thr webcam & Pi? You should be
    able to set up this in Debian/webcam software..

    Another thing to consider is istall a VPN such as wireguard, forward the
    VPN port only and set up a vpn client on the machines you use to view
    the webcam. This then allows you to unforward the Webcam port and that
    should inprove security a far bit

    S.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GB@21:1/5 to Jeff Gaines on Sun Sep 4 16:42:06 2022
    On 04/09/2022 08:31, Jeff Gaines wrote:
    On 04/09/2022 in message <jnj03bFc9o2U1@mid.individual.net> Andy Burns
    wrote:

    On 03/09/2022 20:36, GB wrote:

    Andy Burns wrote:

    Anyone who knows* your IP addr and the relevant port number
    (wild-assed guess  8081) can watch through your camera ...

    Oh, is that the biggest worry?   I planted a couple of beans we found
    in a field, and they have sprouted. I was  thinking of pointing it at
    those instead. Either way, it's not a problem.

    if your beanshoots go viral they could suck all your bandwith

    Are viral beanshoots the same as GM beanshoots?


    Coincidentally, I suddenly started getting virus notifications from
    Windows Defender today for Behavior:Win32/Hive.ZY.

    It just seems to be a bug in Defender, but it was a bit of a surprise.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GB@21:1/5 to All on Sun Sep 4 16:28:14 2022
    On 04/09/2022 13:49, SH wrote:
    On 03/09/2022 19:17, GB wrote:
    Just for fun, I have set up a webcam here on my Pi.

    I've gone into the router settings and 'forwarded the port'.

    I just wondered whether there are any security implications of having
    done this? It's the first time I have ever done anything like this.

    The Pi has a new installation of Debian, without any personal data at
    all on it.

    There are several other devices on the network: 2 ipads, 2 android
    phones, and a W10 laptop.

    Thanks for any help.



    Have you got a username and password for thr webcam & Pi? You should be
    able to set up this in Debian/webcam software..

    Another thing to consider is istall a VPN such as wireguard, forward the
    VPN port only and set up a vpn client on the machines you use to view
    the webcam. This then allows you to unforward the Webcam port and that
    should inprove security a far bit

    S.


    Thanks. I'll have a go at that. It's quite a learning curve.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jeff Gaines@21:1/5 to tf2h0c$38ojh$2@dont-email.me on Sun Sep 4 16:52:38 2022
    On 04/09/2022 in message <tf2h0c$38ojh$2@dont-email.me> GB wrote:

    if your beanshoots go viral they could suck all your bandwith

    Are viral beanshoots the same as GM beanshoots?


    Coincidentally, I suddenly started getting virus notifications from
    Windows Defender today for Behavior:Win32/Hive.ZY.

    It just seems to be a bug in Defender, but it was a bit of a surprise.

    I've been getting it all afternoon :-(

    As you say it seems to be a bug.

    --
    Jeff Gaines Dorset UK
    George Washington was a British subject until well after his 40th birthday. (Margaret Thatcher, speech at the White House 17 December 1979)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From alanc@mullen.demon.co.uk@21:1/5 to All on Mon Sep 5 02:56:36 2022
    Your home network security then becomes as strong as the weakest device that has been exposed to the internet. In your case it is the Pi and the webcam. I guess the Pi, running Debian, can be hardened but disabling unused services etc. You probably
    dont have any control over the software that is running on the webcam. I think the general opinion is that webcam software isnt very secure and rarely gets updated to fix security vulnerabilities.

    If someone gets access to either of these devices then they may be able to use them as a jumping point onto other devices on your network (laptop etc).

    As mentioned, a VPN would help to secure things by limiting the connectivity into your network to authorised devices.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)