Thousands of Hikvision cameras in South Africa affected by critical security flaw

Jan

Who's the Boss?
Staff member
Joined
May 24, 2010
Messages
13,521
Reaction score
11,176
Location
The Rabbit Hole
worst-security.gif
 
This is exactly why I have all my IP cameras on a separate VLAN with no internet access on my network. The only device that can access my cameras is my Synology NAS. They have no way of connecting to the internet at all.
 
This is exactly why I have all my IP cameras on a separate VLAN with no internet access on my network. The only device that can access my cameras is my Synology NAS. They have no way of connecting to the internet at all.

How do you remotely monitor your cameras?
 
Putting a camera directly on the Internet is not a good idea. I don’t care whose camera it is.
--Chuck Davis, Hikvision's Cybersecurity "guru"

 
This is exactly why I have all my IP cameras on a separate VLAN with no internet access on my network. The only device that can access my cameras is my Synology NAS. They have no way of connecting to the internet at all.

try get the cctv installers to understand vlans and even better implement it ... good luck :cool:
 
try get the cctv installers to understand vlans and even better implement it ... good luck :cool:

Cost will be an issue, your average consumer is going to complain about buying a vlan capable switch that is at least five times the cost of a dumb switch.
 
Cost will be an issue, your average consumer is going to complain about buying a vlan capable switch that is at least five times the cost of a dumb switch.

most businesses that run cctv dont evem use vlans.Sommer just plug in and disppear.
 
<snip> they know fokol about configuring advanced networks.

VLANs are basic networking to be honest and should be a requirement for any security installation. VLAN capable managed switches are not that expensive compared to a couple of decent 4MP+ IP CCTV cameras.

I'd consider advanced networking to be more along the lines of IS-IS, OSPF, BGP, etc. but that's highly unlikely to be a requirement with the vast majority of SMB/residential installations. Installers should up their game and offer a secure package including a Ubiquiti/Mikrotik firewall.
 
VLANs are basic networking to be honest and should be a requirement for any security installation. VLAN capable managed switches are not that expensive compared to a couple of decent 4MP+ IP CCTV cameras.

I'd consider advanced networking to be more along the lines of IS-IS, OSPF, BGP, etc. but that's highly unlikely to be a requirement with the vast majority of SMB/residential installations. Installers should up their game and offer a secure package including a Ubiquiti/Mikrotik firewall.

you would be surprised at how many IT people dont even know how to setup vlans :X3:
 
That's why I do it myself. CCTV installers are useful for running conduits and laying cable and doing all the shitty manual labour but generally they know fokol about configuring advanced networks.
Seems to me you are the guys using refugees to do your installs for cheap labour. Clearly not using reputable cctv installation companies.

Generally, network management in corporates or business is the domain of that it department or provider. They don't exactly want anybody else physically intruding to their systems.

We do however meet with the providers and advise on our requirements for the establishment of the vlan and the ports and protocols that we will be using.

Generally I find that 50% of those it providers battle to follow along.
 
That's why I do it myself. CCTV installers are useful for running conduits and laying cable and doing all the shitty manual labour but generally they know fokol about configuring advanced networks.
Respect shitty, manual, labour.
 
Top
Sign up to the MyBroadband newsletter