1. Home
  2. UK Do-It-Yourself Forum
  3. Are there security questions about wifi cameras?

Are there security questions about wifi cameras?

I am about to renovate a barn, which is next to a public lane, into a garage. Swallows have always nested in it and I intend to build them a large enclosure inside with a new dedicated entrance. I would also like to fit a camera so we can watch them. It would be wifi connected to a wireless access point in the house about 20 metres away. The AP is WPA protected so, as far as I can see, the new camera will not provide any route for people to hack into my network. Is this so, or have I overlooked something that could be a threat? Experts please advise and it might help the earlier poster about cameras on farms.

Peter Scott

Reply to
Peter Scott
Loading thread data ...

Peter Scott ( snipped-for-privacy@peter-scott.org.uk) wibbled on Monday 10 January 2011

16:40:

If you already have an AP, the presence of the camera will make no difference - it is the AP that is potentially vulnerable.

As to the AP, WPA is pretty good. Not bombproof (nothing is) so if you are deeply worried, change the passphrase from time to time.

Risk analysis is key. If you are in the middle of nowhere, an unsecured AP may be secure enough. If you are in an urban area, expect people (especially a neighbour) to "have a go".

You might get a casual wardriver down the lane, but if the lane is quiet and mostly farmers and old folk (no offence to anyone) your risk is small.

Reply to
Tim Watts

WPA can be defeated by a determined attack but is still quite hardwork.

You should be able to decrease the probability of success by configuring your router/AP to only accept communications from specific devices. These are identified by their MAC address and are unique.

Have a look at the setup instructions for your Router/AP for something called MAC address filtering which is in addition to and on top of WPA encryption.

HTH

Bob

Reply to
Bob Minchin

I'll certainly look at the MAC filtering. Thanks

Peter Scott

Reply to
Peter Scott

I would not get too worried about it though... pretty much all wireless kit these days has use programmable MAC addresses, so if you can sniff traffic between an existing "allowed" device and the WAP, then you can just clone its MAC address. (a camera may not quite as vulnerable to this since its always on!)

Reply to
John Rumm

MAC filtering is another hoop for a hacker to jump through but there are devices out there that can spoof their MAC address.

Reply to
Dave Liquorice

Dave Liquorice ( snipped-for-privacy@howhill.com) wibbled on Monday 10 January

2011 22:34:

Pretty much any laptop (running linux at least)...

Reply to
Tim Watts

ISTR from when this came up here before, MAC address filtering was rubbished not only as trivial to circumvent (certainly compared with WPA encryption), but could also potentially be a *bad* thing. Can't think why - did I dream that one? ;)

David

Reply to
Lobster

It can be a PITA when you forget you have it turned on and two years down the line you are wondering why some new widget does not want to talk, even though superficially everything should be ok. DAMHIK!

In an environment where clients come and go, its trivial to sniff a valid MAC and then use it once you see the address go inactive. Where there is one "always on" client like a video camera, its going to be a bit more obvious if you do attempt to introduce another device with the same MAC.

Reply to
John Rumm

The last point is a strong one. The camera will always be on, at least during spring and summer. The message I get is the camera in itself is not a serious additional risk, except in the sense of advertising a wifi network.

Thanks to all

Peter Scott

Reply to
Peter Scott

To cut the risk even further, if the image comes up on a web page type interface, password protect that page.

Reply to
John Williamson

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.