Category Archives: PC Suggestions to Neighbors

A Primer on IP Cam, DVR, & NVR Network Security

The availability of low cost residential IP (Internet Protocol) Cameras, Digital Video Recorders (DVR), and Network Video Recorders (NVR) has brought significant benefits to individual home security and monitoring at a distance.

Some of our BLOG users have purchased these devices. If you are participating in the Sunrise Terrace Snapshot Repository we have assured you that your personal network remains secure when using the outbound FTP transport configuration provided to you when you added your camera, DVR, or NVR to the Sunrise Terrace Repository site.

Most of these IP devices are capable of additional methods of content sharing and remote access that may have already been activated by the manufacturer as part of a vendors “plug and play” or “out of the box” automatic usability features.

In this BLOG POST I review five basic network configuration settings essential to maintaining the security of your personal network and the IP devices attached to that network.  Making changes to your userID & password pairs, DDNS settings, remote access protocol, and router logs varies depending out your router make and model.  Most of these changes can be accomplished using your routers GUI interface and will not be difficult.  Consult your router operating manual for specific instructions.

The first suggestion (1) and best way to protect your IP devices from intrusion is to change the manufactures default administrative userID and password, or better yet disable the vendor administrative userID and create your own access credentials!

Suggestion two (2) is to disable DDNS service on your IP device unless you are using a DDNS service for your own remote access to IP cameras, DVR’s, or NVR’s on your network.

Suggestion three (3) is to change IP device remote access service to a non-standard port.  The standard (well known) ports for some protocols are HTTP:80, RTSP:554, HTTPS: 443, and Server:8000.  Choose a port different from the well known ports and one above 2000 if possible for the operating systems of your camera.

Suggestion four (4) is to monitor your Internet Router activity. Keeping your router visible so you can and monitor the router LED’s for transmit and receive activity is an indication of a possible attack.

Suggestion five (5) is to check the router log periodically or when you observe continuous or unusual router activity. External access attempts to your personal network will appear in the router log (if you have activated logging) and you can use that data to filter or deny unwanted traffic to your personal network.

The five suggestions above are easy tasks and are the basis of good Internet security for IP devices on you network.

I hope this BLOG POST has been helpful in securing your personal network.

Footnote: IETF RFC-1918 private network ranges start with the IP Addresses: 10.0.0.0, 172.16.0.0, & 192.168.0.0.

XP users beware: hackers are targeting you

Below is an article I copied from http://techpageone.dell.com/technology/xp-users-beware-hackers-are-targeting-you/#.U8lK5NyQx8E .  I think it should be of inteest to people in our Neighborhood; especially those of you who are still using Windows XP.

Kirk Hall

________________________________________________________________________

XP users beware: hackers are targeting you

The expected flurry of attacks following the end of XP support has yet to occur but that doesn’t mean users should put down their guard.

By Drew Robb – Tech Page One May 05 2014ShareShare on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

As of April 8, Microsoft stopped supporting XP. That has meant no more free security updates — though you can still get them if you are willing to pay a premium.

For a number of companies with thousands of XP desktops, the change has been costly. Just ask the IRS, which is going to be paying Microsoft millions each year to support its extensive XP user base.

 

Stu Sjouwerman, author of the book “Cyberheist,” says no massive attacks on XP systems have been spotted yet.

But it gets worse: Hackers had time to prepare for the April 8 deadline with a host of vulnerabilities that they can now exploit.

The expected volume of attacks has yet to occur but some may be yet to come. Cybersecurity experts say that organizations should remain vigilant.

“It’s actually been more quiet than expected, and no massive attacks have been spotted as of yet,” says Stu Sjouwerman, author of the book “Cyberheist,” and founder and CEO of security software and training firm KnowBe4.

“It looks like they are doing their testing now and laying the ground work for more extensive campaigns a little later,” he adds.

There are a couple of key attacks that users need to beware of. One is phishing emails, which are still surprisingly effective. The user gets an official looking message from someone claiming to represent Windows Helpdesk, Microsoft Tech Support, Windows Support Group or other Microsoft support teams. They offer an urgent update that requires the user to permit remote access to the scammer.

The alternate route is via cold calls from “Microsoft Support.” They scare the user about there being no more security patches for XP, and mention that new security holes have been discovered and that users need to manually apply a patch.

Those who fall for this con have handed over control of their PC workstation to cybercriminals who either use that base camp to hack into the entire network — or just hold user files hostage until a ransom is paid. Sjouwerman advises users to ignore such calls and emails completely. Microsoft never provides support in this fashion.

Some experts believe that a large volume of desktops will be vulnerable in coming months, and not just because many organizations were slow to adopt a new operating system. XP remains popular.

“There are still more XP systems in use today than there are Macs,” says Rob Cheng, CEO of PC PitStop.

Consider one East Coast publishing firm that hadn’t received any XP branded phishing attacks but received a number of bogus shipping emails that asked the recipients to click on a link to track an item. The organization’s accounting and circulation systems only run on XP. A number of financial services organizations face the same issue.

How can companies protect themselves?

Cybersecurity professionals advise users to at least download the most current XP update, and for those also running Microsoft Office, to keep it patched, too. Turn on the Windows Firewall, and turn on Microsoft Security Essentials. Install Secunia (free), which helps you keep the apps remaining in use on XP systems fully updated.

Tony Gauda, founder and CEO of ThinAir, a data security and storage company based in Palo Alto, Calif., raised concerns about XP users remaining on Internet Explorer. He explained that most attacks require network access of some kind to exploit a vulnerability.

“Upgrade to security focused Web browsers like Google Chrome and disable plug-ins and add-ons that are targeted often (like Java and Flash),” says Gauda.

Application-control white listing is another good idea. It locks down an XP box, only allowing known-good executables to run.

“XP users should take advantage of a white list rather than a black list as it gives a better layer of protection,” says Cheng.

Sjouwerman recommends isolating XP devices on separate networks with their own hardware firewalls. That prevents them from compromising new machines.

“Additionally, give XP users security awareness training so they don’t fall for phishing and other attack vectors,” he says.