* No badgers were harmed in the creation of this blog *

** Not intended to diagnose, treat, cure, or prevent any disease **

Wednesday, April 12, 2023

Don't advertise the IP address of your devices

Earlier today, I snapped the photo above. Clearly seen, on the side of the camera, is the camera's ip address (I've obscured the last two octets). Note also that this is not a private ip - the address that a device uses on a network - but a public ip: the camera appears to be connected to the internet directly. Assuming that the address is correct, I see a few issues here worth mentioning.

  1. Anything on the internet is directy in the line of fire to attackers. Though the camera might have a username and password to protect it, we could add an additional layer of security by moving the camera behind the firewall of a network. Then, an attacker would first have to penetrate the firewall before they could address the username and password security. Placing the camera on the internet denies it of a layer of security. Granted, there are times when this is necessary or beneficial (e.g. traffic cams and raptor cams) but a security camera should probably have security.
  2. Since this camera was installed in this way, I'm led to wonder about the security posture of the rest of this facility. Just on this camera, is the security still running on the default settings? There look to be manufacturer stickers on the bottom of the camera - if I could determine the make and model, a Google search might reveal the default username and password. More generally, have there been other flaws in creating the local network? In other words, the setup here advertises a loose security posture, inviting a hacker to take a stab at breaking in. It's a little like parking a car in a bad neighborhood with the doors locked but the key in the ignition.
  3. Alternately, perhaps the address shown is not the address of the camera, but the address that the camera conncets to (the address of the security company, for instance). IN this case, the label may have been placed to enable the camera to be set up properly. In this case, the address is likely to be firewall protected, but there's still no reason to publically display it - keep that info need-to-know.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)