That raises the question then of "why are 'normal' people running servers on their networks if they don't know enough to manage them properly?". ![]() If there's an upside to P2P other than it being "easy" I'd love to hear it. Using port forwarding in concert with a DDNS service will allow you to know what is being done and why and not just slapping something together as quickly as possible to get it done and get out. Maybe even go so far as doing some intrusion checking with port scans and other tools to ensure security and not just run for the hills once the check is in hand. Use an NVR as a single point of connection for all IP cameras and only forward the necessary ports (after changing them from the defaults) and change the default usernames and passwords. If you take the time to plan out the installation, not only physically, but also logically for the network address and sub-netting you can do this properly. The person installing the equipment has no say in how the P2P operates, by whom it is operated, how they choose to use the information they gather, specifically including the e-mail addresses of YOUR customers which are verified during registration and use, nor is anyone provided with any guarantee of service, so it can be up or down at any moment with no consequences to anyone except the end-user. P2P is sacrificing security for ease of installation. I will always advocate a well thought out port forwarding setup over P2P. I think it's time for this schema to change. The problem with this topology is that currently cameras are designed to be servers, not clients. Small systems can use a single server with no redirection. These "central" servers would be the main points of vulnerability and would need to be hardened, but that is more cost effective than hardening an unlimited number of cameras. A better system might be having a single server at a known address and have all the cameras (end points) set to open initial connections with that server which could then redirect these connections to the "real" video server if they are found to be valid streams. However any system that uses the public Internet must have some device with a published IP address or domain address.
0 Comments
Leave a Reply. |