Send Motion-user mailing list submissions to
motion-user@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/motion-user
or, via email, send a message with subject or body 'help' to
motion-user-requ...@lists.sourceforge.net
You can reach the person managing the list at
motion-user-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Motion-user digest..."
Today's Topics:
1. Re: ebay cameras (Harlan Daneker)
2. Re: ebay cameras (Richard Bown)
----------------------------------------------------------------------
Message: 1
Date: Mon, 15 Jan 2024 08:22:23 -0500
From: Harlan Daneker <hdane...@gmail.com>
To: Motion discussion list <motion-user@lists.sourceforge.net>
Subject: Re: [Motion-user] ebay cameras
Message-ID:
<cac1wkirpvcovcxn2p6yuqfniwuqhumfdcixzpz8j5t22tsn...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Exactly, we are not talking about devices that some company has programmed.
This is a Fedora Linux desktop so unless the people that make the kernel
are doing something devious it doesn't forward packets. *"There might be a
conspiracy to forward packets from my cameras to China with port forwarding
using unrelated operating systems, that is the direction this conversation
is heading."* A closed network is closed unless NetworkManager is doing
something I'm not aware of, I've never liked NetworkManager. The old way
was easier to set up a server and it even had a gui for multiple network
cards and port forwarding, but it wasn't automatic and you had to do
something before you could connect to anything. That being said, comments
about NetworkManager could be useful to me and others. Somewhere I read it
had 300,000 lines of code.
On Mon, Jan 15, 2024 at 4:52?AM chuck elliot <c.ell...@pobox.com> wrote:
> 'true but your light still needs a route to the Internet.
>
> This guy's camera is effectively on an isolated LAN. Unless his computer
> is configured
>
> to forward packets between its interfaces , packets from the camera will
> not reach the Internet
>
> and packets from the Internet will not reach his camera.
>
>
> On 15/01/2024 1:47 am, Justin Alcorn wrote:
>
> IoT devices don't need port forwarding. They open up a connection to their
> command and control server, and leave it open, allowing the C&C server to
> send commands. That's how all your smart lights wor
> *DuckDuckGo* did not detect any trackers. More
> <https://duckduckgo.com/email/report#RFVDSzI.G3QBIByFjWO5GvtDGP1bKxlENaeymdVJAUDIqgDeF_i-gOFWLDqD5xjHGvlsPV2jaPo3aumdmzCCruhKsOlGd09frJwKUQL9b0-TXXrIz3oqyQ0Q3pF8c8_3BylmASoQsAsMpE5FLb9_yGdR2kt6VI6Oetyt6JTyIzVpLSvqDdwsVBQwRVvqRSa0AdF4rHaqplXNm_zhTLJShPZs8J9UHKEt6a7MWdciiAJW2RyzXCHdy6s1cgNn8HCry_I8XJ9QWmPXL8N7HrVRAGpVox-iL-uiy1zfd0PEr_wB>
> Report Spam
> <https://duckduckgo.com/email/report-spam#RFVDSzI.G3QBIByFjWO5GvtDGP1bKxlENaeymdVJAUDIqgDeF_i-gOFWLDqD5xjHGvlsPV2jaPo3aumdmzCCruhKsOlGd09frJwKUQL9b0-TXXrIz3oqyQ0Q3pF8c8_3BylmASoQsAsMpE5FLb9_yGdR2kt6VI6Oetyt6JTyIzVpLSvqDdwsVBQwRVvqRSa0AdF4rHaqplXNm_zhTLJShPZs8J9UHKEt6a7MWdciiAJW2RyzXCHdy6s1cgNn8HCry_I8XJ9QWmPXL8N7HrVRAGpVox-iL-uiy1zfd0PEr_wB>
> IoT devices don't need port forwarding.
>
> They open up a connection to their command and control server, and leave
> it open, allowing the C&C server to send commands. That's how all your
> smart lights work - your smartphone app tells the server to turn off the
> light, and the light reaches out and says 'do you have a command for me'
> every second or two, and then turns off.
>
> The problem is when the C&C server gets compromised and bad guys start
> sending different commands.
>
> --
> Justin B. Alcorn
> The views expressed are not necessarily my own, much less anyone else's
> PGP Fingerprint CCEB F776 C3FD 1050 C8DB 532E B8B9 BED7 7764 406C
>
>
> On Sun, Jan 14, 2024 at 1:11?PM Harlan Daneker <hdane...@gmail.com> wrote:
>
>> Unless you know something I am unaware of, port forwarding must be set up
>> with iptables so by default it would not forward anything.
>>
>> On Sun, Jan 14, 2024 at 12:26?PM Justin Alcorn <jus...@jalcorn.net>
>> wrote:
>>
>>>
>>>
>>> On Sat, Jan 13, 2024 at 9:28?PM Harlan Daneker <hdane...@gmail.com>
>>> wrote:
>>>
>>>> They are on a separate network card on the computer with its own static
>>>> ip address and there isn't any gateway. So if there is a way to connect to
>>>> the internet you will have to tell me how it could happen.
>>>>
>>>
>>> This is the way.
>>>
>>> (As long as forwarding is disabled on the computer)
>>> _______________________________________________
>>> Motion-user mailing list
>>> Motion-user@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/motion-user
>>> https://motion-project.github.io/
>>>
>>> Unsubscribe: https://lists.sourceforge.net/lists/options/motion-user
>>
>> _______________________________________________
>> Motion-user mailing list
>> Motion-user@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/motion-user
>> https://motion-project.github.io/
>>
>> Unsubscribe: https://lists.sourceforge.net/lists/options/motion-user
>
>
>
> _______________________________________________
> Motion-user mailing
> listMotion-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/motion-userhttps://motion-project.github.io/
>
> Unsubscribe: https://lists.sourceforge.net/lists/options/motion-user
>
> _______________________________________________
> Motion-user mailing list
> Motion-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/motion-user
> https://motion-project.github.io/
>
> Unsubscribe: https://lists.sourceforge.net/lists/options/motion-user
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
Message: 2
Date: Mon, 15 Jan 2024 15:05:01 +0000
From: Richard Bown <rich...@g8jvm.com>
To: motion-user@lists.sourceforge.net
Subject: Re: [Motion-user] ebay cameras
Message-ID: <3bd49188-8ddc-4f5a-b28c-806950fc9...@g8jvm.com>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
The solution to stop it is very easy as you are running linux,set the
firewall on the devices that have the cameras attached only open on the
rtsp and ssh port in both directions.
most of my cams look like this
nmap scan report for Cam3FNT.lan (192.168.1.138)
Host is up (0.0035s latency).
Not shown: 995 closed ports
PORT???? STATE SERVICE
88/tcp?? open? kerberos-sec
443/tcp? open? https
554/tcp? open? rtsp
888/tcp? open? accessbuilder
8080/tcp open? http-proxy
only 554 is needed so a firewall in between the cams and router ,? I
suspect port 888 is used by many devices gets used/misused
If you cant separate the cams from the router, physically, something
like a old raspberry Pi3? between the router and multiway switch, can
run a very effective firewall, and not slow the system down
just my thoughts
Richard
On 15/01/2024 13:22, Harlan Daneker wrote:
> Exactly, we are not talking about devices that some company has
> programmed. This is a Fedora Linux desktop so unless the people that
> make the kernel are doing something devious it doesn't forward
> packets. /"There might be a conspiracy to forward packets from my
> cameras to China with port forwarding using unrelated operating
> systems, that is the direction this conversation is heading."/ A
> closed network is closed unless NetworkManager is doing something I'm
> not aware of, I've never liked NetworkManager. The old way was easier
> to set up a server and it even had a gui for multiple network cards
> and port forwarding, but it wasn't automatic and you had to do
> something before you could connect to anything. That being said,
> comments about NetworkManager could be useful to me and others.
> Somewhere I read it had 300,000 lines of code.
>
> On Mon, Jan 15, 2024 at 4:52?AM chuck elliot <c.ell...@pobox.com> wrote:
>
> 'true but your light still needs a route to the Internet.
>
> This guy's camera is effectively on an isolated LAN. Unless his
> computer is configured
>
> to forward packets between its interfaces , packets from the
> camera will not reach the Internet
>
> and packets from the Internet will not reach his camera.
>
>
> On 15/01/2024 1:47 am, Justin Alcorn wrote:
>
>> IoT devices don't need port forwarding. They open up a connection
>> to their command and control server, and leave it open, allowing
>> the C&C server to send commands. That's how all your smart lights
>> wor
>> *DuckDuckGo* did not detect any?trackers. More
>>
>> <https://duckduckgo.com/email/report#RFVDSzI.G3QBIByFjWO5GvtDGP1bKxlENaeymdVJAUDIqgDeF_i-gOFWLDqD5xjHGvlsPV2jaPo3aumdmzCCruhKsOlGd09frJwKUQL9b0-TXXrIz3oqyQ0Q3pF8c8_3BylmASoQsAsMpE5FLb9_yGdR2kt6VI6Oetyt6JTyIzVpLSvqDdwsVBQwRVvqRSa0AdF4rHaqplXNm_zhTLJShPZs8J9UHKEt6a7MWdciiAJW2RyzXCHdy6s1cgNn8HCry_I8XJ9QWmPXL8N7HrVRAGpVox-iL-uiy1zfd0PEr_wB>
>>
>>
>> Report Spam
>>
>> <https://duckduckgo.com/email/report-spam#RFVDSzI.G3QBIByFjWO5GvtDGP1bKxlENaeymdVJAUDIqgDeF_i-gOFWLDqD5xjHGvlsPV2jaPo3aumdmzCCruhKsOlGd09frJwKUQL9b0-TXXrIz3oqyQ0Q3pF8c8_3BylmASoQsAsMpE5FLb9_yGdR2kt6VI6Oetyt6JTyIzVpLSvqDdwsVBQwRVvqRSa0AdF4rHaqplXNm_zhTLJShPZs8J9UHKEt6a7MWdciiAJW2RyzXCHdy6s1cgNn8HCry_I8XJ9QWmPXL8N7HrVRAGpVox-iL-uiy1zfd0PEr_wB>
>>
>>
>> IoT devices don't need port forwarding.
>>
>> They open up a connection to their command and control server,
>> and leave it open, allowing the C&C server to send commands.?
>> That's how all your smart lights work - your smartphone app tells
>> the server to turn off the light, and the light reaches out and
>> says 'do you have a command for me' every second or two, and then
>> turns off.
>>
>> The problem is when the C&C server gets compromised and bad guys
>> start sending different commands.
>>
>> --
>> Justin B. Alcorn
>> The views expressed are not necessarily my own, much less anyone
>> else's
>> PGP Fingerprint?CCEB F776 C3FD 1050 C8DB? 532E B8B9 BED7 7764 406C
>>
>>
>> On Sun, Jan 14, 2024 at 1:11?PM Harlan Daneker
>> <hdane...@gmail.com> wrote:
>>
>> Unless you know something I am unaware of, port forwarding
>> must be set up with iptables so by default it would not
>> forward anything.
>>
>> On Sun, Jan 14, 2024 at 12:26?PM Justin Alcorn
>> <jus...@jalcorn.net> wrote:
>>
>>
>>
>> On Sat, Jan 13, 2024 at 9:28?PM Harlan Daneker
>> <hdane...@gmail.com> wrote:
>>
>> They are on a separate network card on the computer
>> with its own static ip address and there isn't any
>> gateway. So if there is a way to connect to the
>> internet you will have to tell me how it could happen.
>>
>>
>> This is the way.
>> (As long as forwarding is disabled on the computer)
>> _______________________________________________
>> Motion-user mailing list
>> Motion-user@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/motion-user
>> https://motion-project.github.io/
>>
>> Unsubscribe:
>> https://lists.sourceforge.net/lists/options/motion-user
>>
>> _______________________________________________
>> Motion-user mailing list
>> Motion-user@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/motion-user
>> https://motion-project.github.io/
>>
>> Unsubscribe:
>> https://lists.sourceforge.net/lists/options/motion-user
>>
>>
>>
>> _______________________________________________
>> Motion-user mailing list
>> Motion-user@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/motion-user
>> https://motion-project.github.io/
>>
>> Unsubscribe:https://lists.sourceforge.net/lists/options/motion-user
> _______________________________________________
> Motion-user mailing list
> Motion-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/motion-user
> https://motion-project.github.io/
>
> Unsubscribe: https://lists.sourceforge.net/lists/options/motion-user
>
>
>
> _______________________________________________
> Motion-user mailing list
> Motion-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/motion-user
> https://motion-project.github.io/
>
> Unsubscribe:https://lists.sourceforge.net/lists/options/motion-user
--
Best wishes /73
Richard Bown
Email :rich...@g8jvm.com
HTTP :https://www.g8jvm.com
##############################################################################
Ham Call: G8JVM . QRV: HF + 50-432 MHz + Microwave
Maidenhead QRA: IO82SP38, LAT. 52.6620 N LONG. 2.4696 W
VHF: 6mtrs 200W, 4mtrs 150W, 2mtrs 300W, 70cms 200W,
Microwave: 1296MHz 110W, 2320MHz 100W, 3400MHz 15W, 5760MHz 10W & 10368MHz 5W
OS: Linux Mint 20.1, on a Dell Inspiron 3580 laptop
##############################################################################
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
------------------------------
Subject: Digest Footer
_______________________________________________
Motion-user mailing list
Motion-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/motion-user
------------------------------
End of Motion-user Digest, Vol 209, Issue 15
********************************************
