
Saturday, September 21, 2019

Difference between Ethernet cables?

Not all Ethernet cables are the same, so what is the difference, and how do you know which you should use? In this short guide we take a look at the technical and physical differences between the Ethernet cables available on broadband buyer.

Ethernet cables are grouped into sequentially numbered categories (e.g. CAT5) based on different specifications; sometimes the category is updated with further clarification or testing standards (e.g. CAT5e, CAT6a). These categories are how we can easily know what type of cable we need for a specific application. For our IP surveillance systems (IP camera, access control, BAS, intrusion, etc.), CAT6 is the recommended cable to install, including for PoE-based designs.

Manufacturers are required to adhere to the standards which makes our lives easier.

CAT Technical differences

The difference in Ethernet cable specification is not as easy to see as physical changes; so let’s look at what each category does and does not support. Below is a chart for reference when picking cable for your application based on the standards for that category.

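Difference between Ethernet cables

| Category | Length (m) | 10Mb/s | 100Mb/s | 1GbE | 10GbE | PoE | MHz |
|---|---|---|---|---|---|---|---|
| CAT5 | 100 | Y | Y | | | Y | 100 |
| CAT5e | 100 | Y | Y | Y | | Y | 100 |
| CAT6 | 100 (55 for 10GbE) | Y | Y | Y | Y | Y | 250 |
| CAT6a | 100 | Y | Y | Y | Y | Y | 500 |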

You may notice that as the category number gets higher, so do the speed and MHz of the wire. This is not a coincidence, because each category brings more stringent testing for eliminating crosstalk (XT) and adding isolation between the wires.

Category 5 cable was revised in 2001, and mostly replaced with Category 5 Enhanced (CAT5e) cable, which did not change anything physically in the cable but instead applied more stringent testing standards for crosstalk. Category 6 was revised between 2002 and 2008, when Category 6 Augmented (CAT6a) provided testing for 500 MHz communication (compared to 250 MHz for CAT6). The higher communication frequency eliminated alien crosstalk (AXT), which allows for longer range at 10 Gb/s.

Physical Differences

So how does a physical cable eliminate interference and allow for faster speeds? It does it through wire twisting and isolation. Cable twisting was invented by Alexander Graham Bell in 1881 for use on telephone wires that were run alongside power lines. He discovered that twisting the cable every 3-4 utility poles reduced the interference and increased the range. Twisted pair became the basis for all Ethernet cables to eliminate interference between internal wires (XT) and external wires (AXT).


There are two main physical differences between CAT5 and CAT6 cables, the number of twists per cm in the wire, and sheath thickness.

Cable twisting length is not standardised but typically there are 1.5-2 twists per cm in CAT5(e) and 2+ twists per cm in CAT6. Within a single cable, each colored pair will also have different twist lengths based on prime numbers so that no two twists ever align. The amount of twists per pair is usually unique for each cable manufacturer.

Many CAT6 cables also include a nylon spline which helps eliminate crosstalk. Although the spline is not required in CAT5 cable, some manufacturers include it anyway. In CAT6 cable, the spline is not required either as long as the cable tests according to the standard.


The nylon spline helps reduce crosstalk in the wire, with the thicker sheath protecting against Near End Crosstalk (NEXT) and Alien Crosstalk (AXT), which both occur more often as the frequency (MHz) increases. In the picture below, the CAT5e cable has the thinnest sheath compared with CAT6, but it was also the only one with the nylon spline.

Shielded (FTP) vs. Unshielded (UTP)

Because all Ethernet cables are twisted, manufacturers use shielding to further protect the cable from interference. For example, Unshielded Twisted Pair (UTP) can easily be used for cables between your computer and the wall, but you will want to use Foil Shielded Cable (FTP) for areas with high interference and for running cables outdoors or inside walls.

There are different ways to shield an Ethernet cable, but typically it involves putting a shield around each pair of wires in the cable. This protects the pairs from crosstalk internally. Manufacturers can further protect cables from alien crosstalk with additional cable shielding beneath the sheath. The diagram below shows the different types of Ethernet shielding and the codes used to differentiate them.

Tuesday, August 13, 2019

Cyber threat into Video Surveillance
Yes, we all know about the US ban on HikVision and Dahua, and IPVM has covered the full story over time. Security systems are changing at an ever-increasing pace and are making more use of standard Information Technology (IT) products running over a Local Area Network (LAN) or Wide Area Network (WAN), e.g. across the Internet, where they can be remotely monitored and controlled. As a result of using Internet Protocol (IP), the opportunity has arisen for manufacturers to develop new generations of equipment from control panels, cameras, and door controllers, to fully integrated systems combining fire, access control, CCTV, intruder and building control systems. These “integrated” systems are often called security management systems as they bring together the management of all aspects of an organization’s security.
Closed-circuit television (CCTV) is a TV system in which signals are not publicly distributed, but are monitored, primarily for surveillance and security purposes. CCTV systems rely on strategic placement of cameras and observation of the camera’s input on monitors. As the cameras communicate with monitors and/or video recorders across private coaxial cable runs, or wireless communication links, they gain the designation “closed-circuit” to indicate that access to their content is limited to only those with authorisation to see it. First, we need to understand a few things:

What is a network?

In simple terms, a network provides a means of communicating data between two or more computer-like devices. A network can be a LAN and can incorporate a Wireless element of networking (WLAN). Where the network has the need to communicate outside of a single LAN, a WAN is used. A WAN can connect LANs together to communicate with users and computers in other locations. The most well-known example of a WAN is the Internet.

Why use an IP network?

Traditionally, many security systems have been linked to remote monitoring centres using modem type devices connected to a telephone line to exchange information. Using a network introduces many benefits, for example a substantial financial saving compared to dial up solutions. Additionally, the use of a network can improve quality of information and the time required to connect and exchange information.

Digital formats are being chosen by many industries such as music, telephone (voice over IP networks), TV, photography etc. With so many industries making use of IP technology, networks have become extremely robust. As a result, the use of a network can make the exchange of information between a security system and a remote monitoring centre more efficient.

Internet Service Provider (ISP)

The connection between your premises and the monitoring location may use an ISP to provide the service. When choosing an ISP, you should endeavour to establish the level of service being offered. Additionally, it may be prudent to have a second ISP link. The connection between your premises and the ISP is perhaps the weaker link so if you do have concerns, you should investigate an alternate means of communication from your premises into the ISP, i.e. GPRS, GSM (mobile service providers).

Bandwidth
Bandwidth requirements (space on your network to operate) should be discussed with your IT manager. The bandwidth required to operate a CCTV system may be considerable. Your security system provider will be able to advise you on the bandwidth requirements. As a general guide, CCTV systems require considerable bandwidth to send video images over a network whereas access control, intruder alarm systems and visitor management systems that only send small amounts of data, do not require much bandwidth.

Company usage policies
You will also need to consider company policies relating to “what is allowed” to use an existing network. If the nature of your business dictates that the network shall only be used for specific applications, then this may immediately determine that a separate network must be installed for the security system.

SSA Integrate now integrates existing security with IP security solutions, as the common backbone is now TCP/IP. The network of connected sensors, devices, and appliances commonly referred to as the Internet of Things (IoT) has completely changed the way business works. This is as true of the heavy hauling and freight industry as any other. At any moment, various players in the industry can get a sense of vehicle health, cargo safety, and whether or not any infrastructure is in need of repair.
Some products allow a mixture of analogue and digital security equipment to be combined, and this means that there is not always a need to move completely to an IP based system if an existing security system is in place.
The ‘hybrid’ approach is more common where two or more security sub systems are combined to create an integrated solution. The data in a hybrid system will usually come together at one or more PC’s. Non-IP systems are often connected to a PC using a serial port, whereas IP systems will be connected over the network.

A cyber-attack at targeted points in a country or region’s network could leave it crippled, preventing people from receiving much-needed goods and services. Fortunately, it doesn’t have to be that way.
With cyberattacks on CCTV systems making news headlines on a weekly basis of late, there is a good deal of concern and uncertainty about how at risk these systems are, as well as why they are being attacked.
In October 2016, 600,000 internet-connected cameras, DVRs, routers and other IoT devices were compromised and used to form a massive botnet to launch what was the largest Denial of Service (DoS) attack the internet had experienced to date.
In 2014, a US ally observed a malicious actor attacking the US State Department computer systems. In response the NSA traced the attacker’s source and infiltrated their computer systems gaining access to their CCTV cameras from where they were able to observe the hackers’ comings and goings.

In the lead up to the 2017 US Presidential inauguration, 65 per cent of the recording servers for the city of Washington CCTV system were infected with ransomware. How did the attack take place? Whilst unknown, it most likely occurred by the same means as other common PC hacks such as infected USB keys, malicious web sites, or phishing attacks.
What was the impact? The system administrators had to wipe the infected systems and reinstall the video management system so it’s entirely possible a good deal of footage was lost, and the system was rendered inoperable for a time.
In May 2018, over 60 Canon cameras in Japan were hacked, with “I’m Hacked. bye2” appearing in the camera display text. How did the attack take place? Simple. IP cameras were connected to the internet and were left on default credentials. It appears that the hackers logged into the cameras and changed the on-screen display. What was the impact? Other than the defacement of the camera displays and some reputational damage, there doesn’t seem to have been much impact from these attacks.

How did the attack take place? Yet again, devices were left connected to the internet and were left on default credentials. In this case, the attackers developed software that scoured the internet searching for vulnerable devices, which they then took control of using their own malicious software.

What lessons can we learn from these attacks?
Don’t connect your devices directly to the Internet. If you need to have a camera or CCTV system be remotely accessible, port forwarding all inbound traffic to your system is just asking to be attacked. Use a VPN, use non-standard network ports, enable two-factor authentication, or use a remote access service. While these measures won’t guarantee your security, they will certainly make you less of a target for attackers that are scouring the internet for vulnerable systems.
Just because it connects to a bunch of cameras, doesn’t mean that your NVR isn’t a computer. All the cyber security advice that is applicable to traditional IT is just as applicable when said computer is used as part of a CCTV system.

On Aug 13, 2018, the US President signed the 2019 NDAA into law, banning the use of Dahua and HikVision (and their OEMs) for the US government, for US government-funded contracts and possibly for 'critical infrastructure' and 'national security' usage.
The US government is effectively blacklisting Dahua and HikVision products, and this will have a severe impact on branding and, consequently, on purchasing. Many buyers will be concerned about:
·         What security risks those products pose for them
·         What problems might occur if they want to integrate with public / government systems
·         What future legislation at the state or local level might ban usage of such systems

As of Jun 06, 2019, Hanwha Techwin is dropping Huawei HiSilicon from all of its products. HiSilicon is of Chinese origin. Backdoor entries are open on the product.

The tightening noose around Chinese technology firms is driven by the Trump administration’s view that China poses an economic, technological and political threat, a stance that country is likely to retaliate against. The two companies prompted concern that they could be employed in espionage, according to people familiar with the matter. Last week, the administration banned Huawei Technologies Co. from purchasing American technology amid similar suspicions of spying capabilities and Chinese laws that could require home-grown firms to hand over information if asked.

Hikvision, which is controlled by the Chinese government, and Dahua are leaders in the market for surveillance technology, with cameras that can produce sharp, full-color images in fog and near-total darkness. They also use artificial intelligence to power 3D people-counting cameras and facial recognition systems on a vast scale.

A Chinese firm whose subsidiary has been shortlisted to supply security cameras for the national capital is on a US watch list, with an advisory on threats, including remote hacking and potential backdoor access. 


Concerns have also been raised about the firm being owned by the Chinese government, adding a twist to the controversy over a Delhi government project to install 1.5 lakh CCTV cameras across the city.

Now the question is how you prevent malware attacks:
1.   Manage your router: Earlier this year, the FBI recommended that everyone reboot all home routers and small office routers. In a previous blog on the subject, Davis stated that “rebooting will disable the active malware called “VPN Filter" which has infected hundreds of thousands of routers across the Internet, and it will help the FBI assess the extent of the infection.” While this was an isolated incident in time,
2.   Disable UPNP: UPNP will automatically try to forward ports in your router or modem. Normally this would be a good thing. However, if your system automatically forwards the ports, and you leave the credentials defaulted, you may end up with unwanted visitors.
3.   Disable P2P: P2P is used to remotely access a system via a serial number. The possibility of someone hacking into your system using P2P is highly unlikely because the system’s user name, password, and serial number are also required.
4.   Disable SNMP if you are not using it. If you are using SNMP, you should do so temporarily, for tracing and testing purposes only.
5.   Disable Multicast: Multicast is used to share video streams between two recorders. Currently there are no known issues involving Multicast, but if you are not using this feature, you should disable it.
6.   Cameras connected to the POE ports on the back of an NVR are isolated from the outside world and cannot be accessed directly.
7.   Only forward the HTTP and TCP ports that you need to use. Do not forward a huge range of numbers to the device. Do not DMZ the device's IP address.
8.   Protect your computer from vulnerabilities: Clean up your computer by removing old software programs no longer in use, and make sure to install patches regularly. Updating firmware safeguards equipment by patching known vulnerabilities, often adds features, and sometimes improves system performance.
9.   Use firewalls and firebreaks (network segmentation): Place devices behind firewalls to protect them from untrusted networks, such as the Internet. And, use network segmentation—splitting a network into separate networks that are isolated, not connected—so a compromise in one part of the network won’t compromise the other (i.e. human resources and finance). This works much like a firebreak, which is a strip of land in a wooded area or forest where the trees have been removed to prevent a fire from spreading.
10. The network your NVR and IP cameras reside on should not be the same network as your public computer network. This will prevent any visitors or unwanted guests from getting access to the same network the security system needs in order to function properly.
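
The checklist above can be applied mechanically to a router and NVR configuration. The following is an added example, not part of the original article: the configuration layout, field names and sample values are constructed for illustration, since real devices export settings in vendor-specific formats.

```python
import ipaddress

# Constructed sample: settings as transcribed from a router and NVR admin
# page. The field names are hypothetical, not a vendor export format.
SAMPLE_CONFIG = {
    "upnp_enabled": True,
    "p2p_enabled": True,
    "snmp_enabled": True,
    "multicast_enabled": False,
    "default_credentials": True,
    "dmz_host": "192.168.1.50",
    "nvr_ip": "192.168.1.50",
    "nvr_subnet": "192.168.1.0/24",
    "public_subnet": "192.168.1.0/24",
    "port_forwards": [
        {"ext": (80, 80), "to": "192.168.1.50"},
        {"ext": (8000, 9000), "to": "192.168.1.50"},
        {"ext": (554, 554), "to": "192.168.1.50"},
    ],
}

# Constructed sample of the same site after applying the checklist.
HARDENED_CONFIG = {
    "upnp_enabled": False,
    "p2p_enabled": False,
    "snmp_enabled": False,
    "multicast_enabled": False,
    "default_credentials": False,
    "dmz_host": None,
    "nvr_ip": "10.20.0.10",
    "nvr_subnet": "10.20.0.0/24",
    "public_subnet": "192.168.1.0/24",
    "port_forwards": [],
}

MAX_FORWARD_SPAN = 1  # item 7: forward single ports, never a wide range


def audit_exposure(cfg):
    """Return sorted (checklist_item, finding) tuples for one configuration."""
    findings = []
    nvr_ip = ipaddress.ip_address(cfg["nvr_ip"])

    # Items 2-5: services that should be off unless actively needed.
    services = [
        (2, "upnp_enabled", "UPnP can forward ports automatically"),
        (3, "p2p_enabled", "P2P remote access is enabled"),
        (4, "snmp_enabled", "SNMP is enabled outside of testing"),
        (5, "multicast_enabled", "Multicast is enabled but may be unused"),
    ]
    for item, key, text in services:
        if cfg.get(key):
            findings.append((item, text))

    # Item 2 singles out automatic forwarding combined with default logins.
    if cfg.get("upnp_enabled") and cfg.get("default_credentials"):
        findings.append((2, "UPnP plus default credentials exposes the login"))

    # Item 7: do not DMZ the device and do not forward wide port ranges.
    dmz = cfg.get("dmz_host")
    if dmz and ipaddress.ip_address(dmz) == nvr_ip:
        findings.append((7, f"NVR {nvr_ip} is the DMZ host"))
    for rule in cfg.get("port_forwards", []):
        low, high = rule["ext"]
        span = high - low + 1
        if ipaddress.ip_address(rule["to"]) == nvr_ip and span > MAX_FORWARD_SPAN:
            findings.append(
                (7, f"range {low}-{high} ({span} ports) forwarded to NVR"))

    # Item 10: the camera network must not overlap the public network.
    cam_net = ipaddress.ip_network(cfg["nvr_subnet"])
    pub_net = ipaddress.ip_network(cfg["public_subnet"])
    if cam_net.overlaps(pub_net):
        findings.append(
            (10, f"camera network {cam_net} overlaps public network {pub_net}"))

    return sorted(findings)


if __name__ == "__main__":
    for item, finding in audit_exposure(SAMPLE_CONFIG):
        print(f"item {item}: {finding}")
```
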


Some Protection Protocols:

Cyber security procedures for video surveillance devices across the threat spectrum require certain protection protocols.

Weaponizing IP Cameras (Threat High)

Most IP cameras today are manufactured with an open operating system, or basic kernel, that gives no real consideration to data or cybersecurity. For years, people have asked about the security of the video that their system produces; now, people are asking if their IP camera system can be used against them.
Think of an IT administrator who has worked diligently to secure a network, servers and mobile devices who then finds out that the 200 recently installed IP cameras on the edge of that network that are vulnerable to root kits, can be weaponized and used as attack platforms against their own network – and there is no way to monitor them.

This may seem far-fetched, but in Sept. 2016, 1.5 million IP cameras, DVRs and L3 network devices were hijacked in the largest DDoS attack ever seen. So what are the current fundamental considerations that an organization needs to take into account before placing an IP camera on its network?

Protection Protocol:

·         The operating system (OS) on a video device should be a closed OS that runs in limited memory space.
·         Nothing should be able to be written to the device itself with the exception of digitally signed firmware. If the device has the ability to run third-party apps, it can be weaponized.
·         Common ports should be disabled by default. From a vulnerability and pen testing perspective, the more ports that are open, the more opportunity there is to leverage a device or the services on that device.
·         Video devices should utilize HSTS (HTTP Strict Transport Security) if you are going to implement end-to-end security. This protocol helps protect against protocol downgrade attacks and cookie hijacking, and forces an HTTPS connection to the device.
·         Consider devices with a built-in “firewall” to prevent dictionary attacks from Botnets.
·         Monitor user accounts and access to the video devices. Most IP cameras are installed with the default user name and password, and if installed on an accessible network, a connection can be established from anywhere in the world. Devices should have a force password feature that also adheres to password policies, such as length and complexity.
·         Monitor a device’s chain of custody. The vendor should have a secure chain of custody from the manufacturing process all the way through to the final sale. If they are not manufactured in a controlled environment, video devices can be tampered with at any time prior to being sold to the customer.

Attacking Servers and NVRs (Threat High)

Most VMS servers and NVRs reside on either a Windows operating system or some flavor of Linux. There is an illusion of security that most of us have with regards to OS security, but just take a look at an OS vulnerability chart and that illusion will quickly disappear.
A base unpatched Windows Server 2012 OS has 36 vulnerabilities; a standard Linux distribution has 119. Most vulnerabilities that machines are subject to are a result of “add-ons” – such as Internet Explorer (242) and Chrome (124). While Windows Server is a more secure platform, it is also a bigger target due to its market share and utilization.

Protection Protocol:

·         As with any machine on a network, it is imperative that the most current updates and patches are applied to video system devices.
·         Ensure a VMS can work within your network policies and environment while a network firewall and anti-virus software are operational.
·         Use hardened password policies, restricted physical and network access, and disable USB ports.

Recorded Video (Data at Rest-Threat Medium)

The two primary purposes of any video system are to act as a deterrent and to be used as admissible evidence in a court of law, if needed. Technically, digital video falls under the scrutiny of the Federal Rules of Evidence (FRE) as it pertains to digital evidence, and authenticity affects admissibility.

Most NVR systems write video in a base file format such as *.AVI, *.G64 or *.MKV. If the video drives are accessible via network share, they are subject to tampering.

Protection Protocol:
·         Video, if written in a readable format, should be encrypted to reduce accessibility and the possibility of tampering.
·         Video devices should use some form of hashing as a form of authenticity. Hashing provides the “Data Fixity” of a file and is a form of admissible evidence. Older forms of authenticity, such as watermarking, can be considered video tampering.
·         The VMS should also provide a way to protect original incident video for any undefined time beyond the system’s retention time in case of prolonged court cases.  
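
One way to implement the hashing recommendation, as an added example that is not part of the original article: a SHA-256 fixity manifest for exported clips, sealed with an HMAC so that someone who can write to the video share cannot simply recompute the hashes. The file names, clip contents and key are constructed; in practice the key is kept off the recorder.

```python
import hashlib
import hmac
import json
import os
import tempfile

CHUNK = 1024 * 1024  # read clips in 1 MiB blocks; recordings can be large


def sha256_file(path):
    """Hash a file incrementally so memory use stays constant."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def _seal(files, key):
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_manifest(directory, key):
    """Record hash and size of every clip, then seal the record with HMAC."""
    files = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            files[name] = {"sha256": sha256_file(path),
                           "size": os.path.getsize(path)}
    return {"files": files, "hmac": _seal(files, key)}


def verify_manifest(directory, manifest, key):
    """Return {} when fixity holds, otherwise a dict of name -> problem."""
    if not hmac.compare_digest(_seal(manifest["files"], key), manifest["hmac"]):
        return {"manifest": "seal invalid"}
    problems = {}
    on_disk = {n for n in os.listdir(directory)
               if os.path.isfile(os.path.join(directory, n))}
    for name, meta in manifest["files"].items():
        if name not in on_disk:
            problems[name] = "missing"
        elif sha256_file(os.path.join(directory, name)) != meta["sha256"]:
            problems[name] = "modified"
    for name in on_disk - set(manifest["files"]):
        problems[name] = "unexpected"
    return problems


def demo():
    """Run the check on constructed clips: clean, tampered, forged manifest."""
    key = b"constructed-demo-key"  # constructed; never store beside the video
    clips = {"cam01_0900.mkv": b"\x1aE\xdf\xa3" + b"A" * 4096,
             "cam02_0900.avi": b"RIFF" + b"B" * 4096}
    with tempfile.TemporaryDirectory() as share:
        for name, data in clips.items():
            with open(os.path.join(share, name), "wb") as handle:
                handle.write(data)
        manifest = build_manifest(share, key)
        clean = verify_manifest(share, manifest, key)

        # Tampering via the network share: one byte changed, one clip deleted.
        target = os.path.join(share, "cam01_0900.mkv")
        with open(target, "r+b") as handle:
            handle.seek(100)
            handle.write(b"Z")
        os.remove(os.path.join(share, "cam02_0900.avi"))
        tampered = verify_manifest(share, manifest, key)

        # Rewriting the stored hash without the key breaks the seal.
        forged = json.loads(json.dumps(manifest))
        forged["files"]["cam01_0900.mkv"]["sha256"] = sha256_file(target)
        forged_result = verify_manifest(share, forged, key)
    return clean, tampered, forged_result


if __name__ == "__main__":
    print(demo())
```
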

Playback and Export (Data in Use-Threat Medium)
The current biggest threat to recorded video is internal employees posting incident video footage to social media or leaking it to the press. The need to keep recorded video secure is paramount for many reasons. Unrestricted access to recorded video can cause several different types of issues, including legal and HR incidents. 

Protection Protocol:
·         Be sure your VMS provides granular privileges concerning the export, deletion and protection of recorded video.

Streaming Video (Data in Motion-Threat Low)
While the actual threat of streaming video being intercepted and used in some way is low, the knowledge that the data from a specific IP address is video can be used against you. From the aspect of network enumeration, an attacker now knows he has non-PC target(s) that he can try to leverage.

Protection Protocol:
·         Video devices should be able to utilize HTTPS communications, with certificates. This ensures secure end-to-end communications including control channels and video payload.
·         Video devices should be equipped with a Trusted Platform Module (TPM) to securely store certificates utilized in different secure network scenarios such as 802.1x  and Public Key Infrastructure (PKI).
·         Your video devices should have features that provide the ability to disable certain protocols such as ICMP, Telnet, and FTP.

A Few Current Developments:





3. IPVM Report

Sunday, March 3, 2019

Guide of IP Camera’s Footage Storage


If you are an end user, you may ask, “If somebody destroys or steals my NVR/DVR, how do we get the video footage?” The question is a very valid one. Analog cameras record their motion events on a DVR and IP cameras record theirs on an NVR; some IP cameras store limited data on their internal microSD card.
Or, Is there a camera that saves the footage on a host with FTP? Can I use my computer to store surveillance videos or footage? Are there any cameras that support cloud storage? Is there any camera that has a built-in memory card?

Or, you may say, “I am looking for a camera that can store up to a few days of data, or a camera that uploads footage offsite or to a cloud or server.”

How Can You Store Footage and Video Recordings

Generally speaking, you can store footage and recordings on an SD card, cloud, NVRs/DVRs, FTP or NAS. It comes down to what you are looking for. That being said, it’s still very important to weigh the differences and conveniences of each solution to narrow down the growing pool of models available and find the best match.
·         Option 1. Micro SD Card
·         Option 2. NVRs/DVRs
·         Option 3. FTP Server
·         Option 4. Cloud-Based Storage
·         Option 5. Workstation Computer

Option 1. Micro SD Card

People will be opting for onboard SD storage when they are just looking for cameras that save motion-triggered footage or don’t want to subscribe to cloud service. For example, users said
“I want to store footage locally instead of uploading to a cloud or getting a DVR/NVR.”
“I intend to keep and save footage but don’t want to subscribe to a cloud service for storage. “
Or people who are looking for cameras that will be used in a location where internet access is limited but still want to store motion-based footage. For example, one user explained that
“I have a rural property and only have power at the house and barn. Best option would be a motion activated cam outside that I could attach to a tree. Wifi at my house is only available very close to the house and we are on satellite internet, so no real broadband for cloud solutions.”
The obvious benefit of storing via SD card is that it’s relatively safe and inaccessible by others. The micro SD card storage option is extraordinarily popular with homeowners for surveillance of the front door, backyard, apartment, remote areas, vacation home, or any place that doesn’t require constant 24/7 recording.

Option 2. NVR's/DVR's

Standalone NVRs and DVRs, as offsite storage solutions, are increasingly popular and widely used in home security systems, small businesses, workshops, etc.
If you are looking for a security system that can record video constantly and save weeks of footage, standalone NVRs/DVRs with a built-in hard drive are what you need. For example, users expressed their needs, saying
“No need for motion activation but constant recording. And must have ability to review footage without needing to pause or stop recording”, “I need 30-day non-stop recording and want to record and save more than 3 cameras’ footages to a hard drive”
NVRs/DVRs are not just for storage, they are also embedded with the operating system to multi-task including managing multiple cameras simultaneously, motion-triggered recording & alarm, scheduling recording, 24/7 recording.
NVRs can also be accessed remotely from a Smartphone, tablet or personal computer.
One piece of advice after buying NVRs/DVRs would be to keep them safe from burglars or thieves, as well as to back them up regularly to an FTP server if needed.

Option 3. FTP Server

An FTP server is a great footage storage option for those who have reservations about cloud storage but don’t want a local network drive or built-in memory card. For example, many homeowners expressed their thoughts, saying
“I don’t want to go down the road of paying for monthly memberships to a cloud storage option for recording. I am looking for FTP or some other generic protocol method that is NOT a subscription based ‘cloud’ solution.”
Or
“I would like to save the footage on a host with FTP instead of storing the footage on a local network drive that could just be taken. or I have a FTP server and want to manage the footages or videos on FTP server, configuring security cameras to upload event-based recordings or snapshot or recorded images and videos to a FTP server.”
FTP server is, without any doubt, a good solution. Security cameras such as Reolink cameras are proving to be increasingly popular with homeowners. Many Reolink security cameras do support FTP storage, both motion-based footage and constant video recordings.

Option 4. Cloud-Based Storage

Cloud-based storage is gaining popularity among users who are looking for an alternative to NVR/DVR, SD card, and NAS, and there are growing numbers of cloud-based video surveillance cameras and IP cameras with cloud storage available on the market.
Cloud-based storage is relatively convenient and safer; however, cloud services are commonly charged and require a varied monthly subscription fee.
Cloud-based storage is also potentially putting a strain on the home network by putting pressure on network bandwidth, as well as compromising photo or video quality to achieve optimal performance.

Option 5. Workstation Computer

Of course, you can always turn your personal computer into a storage unit by configuring storage path to your computer; however, massive data storage could slow your computer down and eat up storage space rapidly.
Not only that, you can also audit CCTV footage from a computer. You need only Windows license-based software. That software takes screenshots of your open camera viewing window. In this scenario you can see what the camera saw. The camera sees 24 hours; you are able to see that within 24 minutes. I can confirm your DVR/NVR can’t do it. ‘Auditing’ means 'seeing' what the cameras 'saw'. CCTV video footage should be audited daily; several times a day if need be. Depending on the requirements, auditing of CCTV footage of critical cameras on a daily basis must become an SOP. Auditing will help relevant stakeholders to ‘discover’ the 'unknown'. Auditing as an activity may be manual, it may be post-facto, but it is a very dedicated and systematic process, which helps address some of the challenges of live monitoring (video blindness, poor attention span, boredom, bias, fatigue etc.), as well as the challenges related to alert-based systems (how often has one faced false alerts, or what is called the ‘cry-wolf’ effect). Auditing will help discover issues as mentioned above as well as in identifying and analysing threats and hazards (THIRA/HIRA) of various kinds. Auditing CCTV video footage will also be extremely helpful in waste reduction and following the 5S philosophy, i.e. sort, set, shine, standardize and sustain (all part of Six Sigma practices). Moreover, in case of an accident/incident, relevant authorities can analyse CCTV video footage to determine whether implementing or improving existing policies, procedures, and processes could help reduce the potential for future occurrences.
And you can transfer those recordings from your computer to a hard drive, pen drive, USB, etc. accordingly.

The Tradeoff

There’s no right answer here. It’s really a matter of preference and there are plenty of models out there to suit either taste. Understanding each footage storage option will help you narrow down the growing pool of models available today and it will help you understand the features that matter to you most. The camera saw everything, but we can’t see what the camera saw.
This article was published in March 2019 in Safe Secure magazine.