Author Topic: Authentication: Reasons Not To Just Turn It Off?  (Read 2095 times)

Offline Danno100

  • Jr. Member
  • **
  • Posts: 81
    • View Profile
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #15 on: February 07, 2012, 03:03:38 am »
Thanks for this post.  V2 authentication didn't work for my non-Lan connections.  So, I upgraded to V3 and it finally works as it should.  None of my camera's were indoors, and all had sound turned off anyway.  I feel sorry for these folks that leave their system open because for that one family, I could hear their conversations.  Truly foolish in this day and age.

Offline rkkeller

  • Sr. Member
  • ****
  • Posts: 259
    • View Profile
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #16 on: February 07, 2012, 02:20:22 pm »
MY EYES MY EYES!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!   :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'(


I just saw the fat woman totally naked and walking right up to the camera!!!!!!

I love tattoos but on her its not appealing at all.


I am a little heavy myself but I now feel thin.   ;D

Stickman

  • Guest
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #17 on: February 07, 2012, 02:43:16 pm »
There should be a warning disclaimer on that site  ;D ;D

Offline PeteCress

  • Sr. Member
  • ****
  • Posts: 477
    • View Profile
    • Email
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #18 on: February 07, 2012, 02:51:16 pm »
A prime example why to secure your server:
Note kitchen cam has sound too.
http://www.ssnyder.net/default.htm

Somebody should tell these guys - but how to ID them?
Sony SNC-CH260, ACTi 5311E, EdiMax 3030POE, FosCam FA8905W - Still struggling to set up surf cam for multiple users.

Offline Gargoyle

  • Newbie
  • *
  • Posts: 24
    • View Profile
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #19 on: February 08, 2012, 01:46:55 am »
I have it set for authentication, non-lan only, secure only and often when I try to connect to a completely different, unrelated website (like yahoo) from computers on my lan, and even sometimes from the same computer where Blue Iris is running, I get the blue iris login screen. What's up?

Offline MattC

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #20 on: May 21, 2013, 05:14:21 pm »
Just ran across this topic and started doing my own searching.  :o
I feel I've secured my system pretty good, before and after coming across this. Here's how I did it using Blue Iris Security & Windows Firewall. (I know boo, but it's better than nothing)

First, never allow unauthorized connections! Make a username, make it strong
(ie not admin, not administrator, not user, not guest, not test, etc)

Second, make a password, make it strong. Intel has a password checker.
(https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html)

Third, using windows firewall, only allow ip addresses that you trust to see that you have an open port. For example I know AT&T Cellular in my area will always give my iphone an ip address that starts with 166.x.x.x, so I only allow ip addresses that start with 166 in. That's it, no body else can even see I have a web server. This is what they call white listing and should be done if you want your cameras or other web services safe. Don't believe me? Look at your connections tab under status. You'll see a bunch of China, Russia, Japan, & Korea web addresses looking at your system

You can do this in XP/Server 2003 by:
Go to Control Panel -> Windows Firewall -> Exceptions tab -> Select Blue Iris -> Click Edit -> Click Change Scope -> Select Custom List -> Type in your ip range 166.0.0.0/255.0.0.0 (unless you know the specific ip range your provider has). Separate multiple external networks with commas.

Windows 7 is a little different
Start -> Type "Windows Firewall with Advanced Security" -> Choose Inbound Rules -> Double Click Blue Iris -> Scope tab. Under remote IP address choose "These IP Addresses:" and click Add. Add your remote devices IP address & subnet in. Keep adding until you get every remote connection you want to view from added.

To secure your cameras, simply don't forward their ports to the outside world or buy/make a stand alone firewall that. I suppose some nicer routers may allow you to do this as well.

If anyone else has more and/or better suggestions on how to lock down your system I am all ears. This has worked well for me thus far.

The best way I know of to notify some of these people is to contact their ISP and let them pass the word along.
« Last Edit: May 21, 2013, 05:20:52 pm by MattC »
12 - EasyN/Zmodo/Foscam 8908 knockoff's 640x480
8 Core FX-8120, 4GB RAM, 32Gig SSD, 5.5TB RAID5, Win Server - 3 VM's, 4 webservices (including BI) - 25% utilitzed

Offline PeteCress

  • Sr. Member
  • ****
  • Posts: 477
    • View Profile
    • Email
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #21 on: May 21, 2013, 10:45:57 pm »
A prime example why to secure your server:
Note kitchen cam has sound too.
http://www.ssnyder.net/default.htm

Somebody should tell these guys - but how to ID them?
I think they have gotten the message because when I tried to open the link I got an ID/PW prompt.
Sony SNC-CH260, ACTi 5311E, EdiMax 3030POE, FosCam FA8905W - Still struggling to set up surf cam for multiple users.

Offline gencom

  • Newbie
  • *
  • Posts: 14
    • View Profile
Re: Authentication: Reasons Not To Just Turn It Off?
« Reply #22 on: May 24, 2013, 04:05:22 pm »
fatwife.dyndns.org:8082/

!!!!


 :-X

I had my BI to run non secure (name/pw only none of that encroption)  I think somehow it was crashing my entire system every few days (at least particular system)

anyway I eventually setup VPN access to my network instead and I logg on via vpn instead (not just for BI but for my other work related)


I saw one of the history files

AAHHHHHH MY EYES@!!!!!
« Last Edit: May 24, 2013, 04:08:55 pm by gencom »

 

Mobile Theme