Jump to content

Matty

Member
 View Profile  See their activity

  • Posts

    19

  • Joined

  • Last visited

Reputation Activity

  1. Like
    Matty
    Matty reacted to IceWulf in Security VLAN?   
    It really depends what type of stream the cameras have - if the footage is UDP transport (one way only) it may just work, but I would check on that first. It seems very simple to buy a managed switch (Cisco, Juniper, etc) and only accept the traffic you want from the cameras on the network. I'd probably get myself a cheap Catalyst Cisco 100MB switch and go from there on Ebay.
  2. Like
    Matty
    Matty reacted to IceWulf in Security VLAN?   
    On a managed switch it is totally doable. You could lock the traffic to mac addresses AND flow (what TCP/UDP ports). Still hackable? yes. But it will keep out the casuals.
  3. Like
    Matty
    Matty reacted to The Benjamins in Security VLAN?   
    What you probably should do is set up a vlan for your normal lan and a vlan for cameras, then set firewall rules to not allow traffic to "talk" between vlans. what router do you have?
    Edit:
    I would set up 2 DHCP services on my router (192.168.1.xxx, 192.168.2.xxx)
    create a firewall that blocked all traffic from any 192.168.2.xxx ip to any 192.168.1.xxx IP except for the camera management device (make it have a static IP) (192.168.1.100)
    then the management device can do what it wants with the footage (send it to the NAS on 192.168.1.xxx)
     
    either use 2 switches or 1 switch with 2 vlans setup to connect all the devices.
     
    you might want to add other firewall rules to 192.168.2.xxx to limit or prevent internet access so a person can't just attach a AP to your camera LAN outside your house for free wifi.
     you can also use mac address filtering for added security on Vlan 192.168.2.xxx
  4. Like
    Matty
    Matty reacted to The Benjamins in Security VLAN?   
    honestly it is mostly a management thing for the router, not the switch you can set the edgerouter lite to have eth0 as wan  eth1 as vlan1 (DHCP 192.168.1.xxx) and eth2 as vlan2 (DHCP 192.168.2.xxx) and use 2 dumb switches, or any old switch with vlan support (can be some used 24/48 port one off ebay for $50)
    the firewall and stuff is managed by the router.
    I have a edgetouter lite and have 2 DHCP's set up (only use one, other just kinda does nothing right now)
  5. Like
    Keen_Interest
    Matty got a reaction from Keen_Interest in Something for Linus? Asus 4K Monitor   
    This is only just the beginning, but here it is! Finally seeing more 4K monitors pop up.
     
    Would love to add one of these to my setup and I am sure Linus would too!
     
    http://www.engadget.com/2013/05/31/asus-unveils-31-5-inch-4k-monitor-ahead-of-computex/?utm_medium=feed&utm_source=Feed_Classic&utm_campaign=Engadget
     
     
×