Security camera set-up

[bass ackwards]

I appreciate the input from you guys but I am not understanding what you are trying to tell me.

Do I need say four to six cameras each with the ability to send me video? What would I do if each camera sends me video at the same time? would I be able to switch from one camera to the other on my phone?

This security set-up is a must for obvious reasons and I have to be able to set it up properly. And I have very little knowledge of the components required. Sorry if I appear to be so dense.

Respect bass

 

[RMCG]

'Send' you video or stream you video? do you need to pan/tilt? etc.

IF you require 'live' streams, multiple camera views, pan/tilt, triggers, etc you WILL need some sort of controller software that manages all of the cameras as a 'system' and you will need to open that up to the internet to be able to get in to the system from a remote location (notebook, cell phone, etc.)

Check out that software that Lazyman posted up, find a supported security system package and use that for your phone control.

IF you just need your driveway cam to send you an email with a short video of motion, then a entrance cam to send a video of motion or snapshot of who is at your door, no camera control, no panning, no archival of videos, then yes you can do that with individual cameras and no DVR/controller software.

There is no problem with receiving multiple video/snapshot 'emails' from those cameras at the same time.

Go buy a cheap (~$100) IP cam and check out the functionality that is built in to the camera. It may do exactly what you need and you are overthinking the set up.

 

[gronko]

IP cameras have the worst track record when it comes to security especially when exposed to the internet. You do not want to access your camera from the internet, as that means other people too can do the same. As can Google.

Please see this link of the various devices you can find via google when exposed to the internet. You can find printers and other goodies.

http://www.hackersforcharity.org/ghdb/?function=summary&cat=18

As for Zoneminder, its quite easy to do everything. There's so many ways to get this up and running. I will list a few ways:


THE EASIEST WAY ------> Download this:
ZoneMinder LiveCD v1.22.2 from this page http://www.zoneminder.com/downloads.html

(Its listed under the "other downloads" near the bottom of the page).
Once its finished downloading, burn the file to the cd as an image,
put the cd in your computer and reboot it. You can now test Zoneminder.

Here's a video of a man trying this livecd on his computer
http://www.youtube.com/watch?v=zZaGHFDcTGk


You can try the Zoneminder solution by going to this website and downloading this virtual appliance. (Download by clicking on the download tab in the middle of the page). You can download a trial version of vmware from here to run this virtual appliance

http://www.vmware.com/appliances/directory/va/86653

There's also a link here that shows you how to configure it step by step on an ubuntu computer with pictures.
http://www.zoneminder.com/wiki/index.php/Ubuntu_9.04_Jaunty_desktop_with_graphical_interface


Oh yeah for the whole emailing thing of the video feeds, the problem is that there is a potential that the email bounced through a few email servers and everyone had a look at it. Not too cool if you have weed on display?
Bad IDEA.

Any questions please ask.

 

[gronko]

Oh yeah, forgot to mention there's actually tons of live cds/DVDs that you can use for zoneminder. A live cd is essentially an Operating System running on a cd, so that you can test it out without touching yr current system.

Forensically, this would be better for you, all you need to do is eject the cd and reboot, your security system is now offline. You do not want to record anything, just a live view. Less incriminating evidence.

All other features are unnecessary, especially if you are trying to hide something.

Here's a link to another live cd : http://www.wifigator.com/zoneminder/ (looks promising)

And here is a demo page on the internet that you can view and see what its like for yourself. http://67.210.200.98/

 

[RMCG]

Preaching to the choir man...

I never suggested exposing an IP camera to the internet and am a big fan of the ZM LiveCD, esp for linux noobs.

Emailing EXTERNAL videos/snapshots should not be a big deal. Most 'anonymous email (gmail, hotmail, etc.) servers allow pop/imap access, so just email it to yourself. Its not going to go through multiple mail servers.

 

[dtfsux]

i used EZ watch Pro. Decent software, cameras record on motion only, can send text or emails, can watch remotely from certain phones. You can also set the camera up, then on the computer you can highlight a certain area to track, so you arent recording the whole area, like if the road is in the background.

One issue we had was at night, the images got a little grainy and caused the cameras to record all night. There really was no work around for that.

We also lost communication and at times could not log in to see the cameras. Never figured out if that was a internet issue or a software issue

 

[gronko]

Agreed, external vid/pics of the area without anything dodgy would be better then sending images/video of your plants.

Hang up a sign in the background of the external cam that would suggest a business ie "Joes Accountant" would make ppl think its just a business owner looking after the property.

Preaching to the choir man...

I never suggested exposing an IP camera to the internet and am a big fan of the ZM LiveCD, esp for linux noobs.

Emailing EXTERNAL videos/snapshots should not be a big deal. Most 'anonymous email (gmail, hotmail, etc.) servers allow pop/imap access, so just email it to yourself. Its not going to go through multiple mail servers.

 

[wilburn]

The technical issue with an IP camera is to setup for TLS/SSL and encrypted communications between the camera and yourself (viewer). I.e. to hide both the IP address of the camera when you view it and the images as data to be encrypted then decrypted at your viewer.

IOW, your ISP(s) would see nothing and no one inbetween the IP addresses (yours and the cameras) could intercept plain text or viewable images.

This can be done.

 

[RMCG]

Har

Nothing anonymous about them unless you setup the account and signin ONLY through an onion router. Then, you gain privacy with limited anonymity, Friend.

Anonymous in the fact that they are 'generic' and can be disposed. A burner.

The email stays within their system, its not bouncing around the internet.

I also BOLDED EXTERNAL images from your cam, ie FRONT DOOR/BACK DOOR. Not a pic of ANYTHING grow related.

Tor adds another layer (but its slow and not happening on a cell phone). Proxies work too.

 

[RMCG]

The technical issue with an IP camera is to setup for TSL/SSL and encrypted communications between the camera and yourself (viewer). I.e. to hide both the IP address of the camera when you view it and the images as data to be encrypted then decrypted at your viewer.

IOW, your ISP(s) would see nothing and no one inbetween the IP addresses (yours and the cameras) could intercept plain text or viewable images.

This can be done.

You mean TLS.

If you are viewing a cam stream over the internet, you do not 'see' the camera IP, its NAT'ed behind your internet router/firewall, so you see the external IP address, not your internal LAN.

SSL is definitely recommended, but not all cameras support them with the embedded firmware on the camera. I would not expose a single or multiple cameras out for external access using the native camera software. As the link that was posted earlier shows how they can be hacked/bypassed. When I mentioned single cams/no system, I was talking about having the cam send images/video of motion via SMTP/email.

Front end it with a system/software like ZoneMinder and you can utilize SSL.

Get yourself a VPS and set up a mailserver and you can have your OWN mail server.

Again, a Site to Site VPN all traffic is ENTIRELY encrypted.

 

[wilburn]

Originally Posted by wilburn

Nothing anonymous about them unless you setup the account and signin ONLY through an onion router. Then, you gain privacy with limited anonymity, Friend.

Anonymous in the fact that they are 'generic' and can be disposed. A burner. The email stays within their system, its not bouncing around the internet.

A new definition of anonymous I presume. In terms of security, anonymous means that there are no identifying data. If you use any email account, your login IP is recorded. Unless you have used a well circuited onion routing protocol, the IP address will expose the Internet connection of the computer that you used. This exposure then can link back to the location of the computer, the time of use, and to you.

Tor adds another layer (but its slow and not happening on a cell phone). Proxies work too.

Proxies see your inbound IP address. Your ISP sees your connection to the proxy (unless your are using some style of secured access to the proxy). They will give this information up in a heartbeat, without subpoena, especially if they are free proxies.

Complete anonymity using the Internet is impossible. Tor can be compromised by an adversary with subpoena power and/or the capability of being and exit node, analyzing data relay times and several other methods.

Problem is, the adversary/observer doesn't have to watch the entire Internet, only the 1,800 or so TOR nodes.

Actually he doesn't have to watch all the nodes - he can get about 95% of persistent / repeated contacts by watching the traffic to and from about 260 nodes over a week or so.

What???? I kinda pulled those numbers from my ass, but they aren't very far wrong. Steven Murdoch and Richard Clayton did the work a few years ago, as reported in the Ottawa PET conference proceedings, I think.

Surprised? Look at it like this - if 1/3 of nodes are compromised then
in 1/9 of connections all three nodes will be compromised, and in 1/9 of cases the entry and exit nodes will be compromised - so in 2/9 of cases anonymity is lost. If you connect to the same webserver 3 times, there is a ~ 50% chance that your anonymity will be compromised.

This also applies when TOR changes the routing for one session to a
single server - which is incidentally, overall, a bad idea - each
routing counts as one connection.

Browse a pron site for 21 minutes with TOR, and anyone who is watching the traffic to and from 1/3 of the TOR servers has a 50% chance of defeating your anonymity.

In real life it's slightly worse than that, for various reasons, and it
works out at pretty much the figures I gave above, but I refer you to the papers mentioned for details.

That kind of traffic data collection would be entirely straightforward,
and entirely legal, under UK law, for any and all UK/EU nodes.

The Police could simply demand the traffic data from the ISP or whoever runs the server's Internet connection - the person running the server need not know about it, and would normally be prevented from finding out about it.

The ISPs are required by law to keep that traffic data, and to make it available on demand.

That goes for any TOR node in the EU - UK law is based on EU law.
Getting in/out traffic data is completely straightforward for the
ordinary Police, never mind GCHQ/GSG/etc.

I don't know about German law, but it's similar to UK law as far as data storage and police access to traffic data goes, and after the JAP fiasco and various German Police keylogger stories it wouldn't surprise me at all if German law allowed both the watching of, and running of, TOR nodes.

By running about 80 exit nodes the Germans could do much the same in terms of defeating TORs anonymity as watching 260 randomly chosen nodes, plus they get lots and lots of plaintext ..

 

[RMCG]

Not sure why you are spouting wiki facts regarding Tor?

You brought up Tor. The Onion Router == TOR.
Get it?

I said it added another layer.

My proxy does not keep logs nor is it located in my country. Good luck with local LEO getting anywhere with that.

I do not care about German or UK laws. They gave up all their rights willingly and I don't care what happens to them.

'Anonymous' email ie hotmail, gmail, etc. - reread. I will say for the third time - FOR EXTERNAL IMAGES ONLY. Of your driveway, front door, back door monitoring, NOT your grow op.

If you care to discuss something relevant to the thread / OP questions, I'm listening, but so far you have regurgitated nonsense and fuckall related to what was being discussed.

 

[wilburn]

If you are viewing a cam stream over the internet, you do not 'see' the camera IP, its NAT'ed behind your internet router/firewall, so you see the external IP address, not your internal LAN.

It makes no difference what the viewer sees, it is the traceability of the Internet connection by an adversary that is important. Traceability = the IP addresses of the camera (regardless of if it is NAT firewalled or not) and the IP address of the viewer. Either can lead directly back to the viewer and the owner/installer of the camera. Easy peasy.

SSL is definitely recommended, but not all cameras support them with the embedded firmware on the camera...When I mentioned single cams/no system, I was talking about having the cam send images/video of motion via SMTP/email. Front end it with a system/software like ZoneMinder and you can utilize SSL. Get yourself a VPS and set up a mailserver and you can have your OWN mail server.

Again, a Site to Site VPN all traffic is ENTIRELY encrypted.

At this point, the complexity level and the operational concerns are exorbitant, requiring way too many resources and time to justify a security camera setup. Not to mention that only the very few can pull this off and of that very few only a trivial few can professionally monitor this complex of a setup for devastating errors, downtime and information leaking.

Which brings us roundabout. A security camera setup is a great idea as long as no one suspects or raids your grow. If they do, then good chance that this "security" setup will be one more thing that can be thrown against you when you are prosecuted or one easy way to ID who you are (assuming they don't already know).

 

[wilburn]

Not sure why you are spouting wiki facts regarding Tor?

Not from any wiki I can assure you unless you would care to provide a link?

You brought up Tor. The Onion Router == TOR.I said it added another layer.

Tor isn't a "layer". It is a professionally written routing protocol which has no equal, funded by DARPA, ONI and ONR, extrapolated for public use.

My proxy does not keep logs nor is it located in my country. Good luck with local LEO getting anywhere with that.

Every proxy keeps logs or they are a crap proxy. Logs are required for no other reason to see errors, fix them, adjust the proxy system and so one and so forth. any proxy that claims they do not log is lying.

I do not care about German or UK laws. They gave up all their rights willingly and I don't care what happens to them.

Then don't use Tor since the Germans have over 50% of the exit nodes i use.

'Anonymous' email ie hotmail, gmail, etc. - reread. I will say for the third time - FOR EXTERNAL IMAGES ONLY. Of your driveway, front door, back door monitoring, NOT your grow op.

Email is not anonymous regardless of what you wish to proffer. Connecting to email using a strong onion routing protocol offers a level of anonymity and privacy.

Anonymity lies not in the (email) provider but in the connection between you, the email service, and back to you. Including what the email provider sees in terms of your IP address, browser, cookies set and retained, caching and a slew of other factors which easily can expose you.

Not to mention the enormous amount of information that can be easily read in the headers of any email that you download to, or write from, your cell or computer.

Sorry, but that's the truth of things.

Anonymity is entirely impossible against a strong adversary.

 

[RMCG]

It makes no difference what the viewer sees, it is the traceability of the Internet connection by an adversary that is important. Traceability = the IP addresses of the camera (regardless of if it is NAT firewalled or not) and the IP address of the viewer. Either can lead directly back to the viewer and the owner/installer of the camera. Easy peasy.

Um yeah, I stated and showed that earlier in the thread. Have you actually read this thread?
You were incorrect in stating the 'internal address of your camera'. I was correcting the misinformation.

At this point, the complexity level and the operational concerns are exorbitant, requiring way too many resources and time to justify a security camera setup. Not to mention that only the very few can pull this off and of that very few only a trivial few can professionally monitor this complex of a setup for devastating errors, downtime and information leaking.

Very few people can set up a site to site VPN? You are joking right?
I'm pretty sure that there are more than a few guys on this board that do this on a day to day basis...

Businesses run them all the time. I've worked for a company that has several HUNDRED B2B and B2C VPN connections.

Which brings us roundabout. A security camera setup is a great idea as long as no one suspects or raids your grow. If they do, then good chance that this "security" setup will be one more thing that can be thrown against you when you are prosecuted or one easy way to ID who you are (assuming they don't already know).

Um yeah, again if you actually read the thread, that is what got asked. And how to self destruct your security system.

 

[RMCG]

Not from any wiki I can assure you unless you would care to provide a link?

You brought up Tor. The Onion Router == TOR.
Get it?

I said it added another layer.

Tor isn't a "layer". It is a professionally written routing protocol which has no equal, funded by DARPA, ONI and ONR, extrapolated for public use.

Another 'layer' of security, not talking OSI.

Every proxy keeps logs or they are a crap proxy. Logs are required for no other reason to see errors, fix them, adjust the proxy system and so one and so forth. any proxy that claims they do not log is lying.

System logs vs SURFING logs are different.
If you use crappy proxies, that is your choice.

Then don't use Tor since the Germans have over 50% of the exit nodes i use.

I do not. Its slow. You brought it up.

Email is not anonymous regardless of what you wish to proffer. Connecting to email using a strong onion routing protocol offers a level of anonymity and privacy.

Anonymity lies not in the (email) provider but in the connection between you, the email service, and back to you.

Not to mention the enormous amount of information that can be easily read in the headers of any email that you download to, or write from, your cell or computer.

Sorry, but that's the truth of things.

Anonymity is entirely impossible against a strong adversary.

You are arguing semantics. Anonymous / web based email. Something that is NOT your ISP email. Something that you use only for this purpose. If gmail wants to index images of my front door, I would not be too concerned about it.

And why do you keep bringing up Onion/Tor? You said yourself it sucks. I agree.

 

[RMCG]

Good thing Site to Site VPN's are nearly impossible to set up.
I should start a hardware company and make one that comes in a box @ BestBuy.

Damn.
Someone beat me to it...

 

[wilburn]

Very few people can set up a site to site VPN? You are joking right?
I'm pretty sure that there are more than a few guys on this board that do this on a day to day basis...

Businesses run them all the time. I've worked for a company that has several HUNDRED B2B and B2C VPN connections[

All above is correct which in no way changes the fact that setup, monitoring and proper operation of VPN is a technical skill that very, very, very few possess.

 

[bass ackwards]

wilburn is right. I for one do not have that skill.

Respect bass

 

[RMCG]

wilburn is right. I for one do not have that skill.

Respect bass

I bet you didn't have the skill to grow weed either, until you started reading/learning.

If you can set up your home routers, wifi, etc., you can probably set up these devices as VPN endpoints. May be not? Who knows. Again, it was asked how ~I~ would do it securely (not ANONYMOUSLY).