Saturday, October 31, 2009

Spoofing IP based CCTV systems

Spoofing IP based CCTV systems with VideoJak
each month we are starting to see major problems that exist along side the ip systems. end users (the customers) just finding out they have very expensive yearly licence fees to run there ip systems and another problem that has just been released is the following artical from america.

Spoofing IP based CCTV systems
The case against the security of IP based CCTV systems was recently highlighted with the release of a new web tool shown at the hacker conference in Las Vegas. A security assessment tool, Videojak has the ability to both intercept Internet video feeds and eject false 'looped' images.

Similar in concept to Hollywood's "Mission Impossible" where the attacker can hack, monitor and record a CCTV feed (when nothing is happening), then play this back in a loop to hide the actual live feed (presumably while Tom Cruise is lowered down on a black rope).
This tool also provides the ability to intercept video conferencing.

To be on the safe side, if you are using any kind of conferencing facility you should assume that the information can be intercepted. With the popularity of IP streamed video systems we are not sure if our network is compromised or not use analog in the top security place.

join : http://www.gobeyondsecurity.com/forum/topic/show?id=2335691%3ATopic%3A16591

Tuesday, October 27, 2009

'On campus security' for SMB/SME (small/mid-sized business firm)

Larger businesses have more resources to guard their premises, Making Small businesses more vulnerable to intrusion and robbery. Therefore, Small businesses should plan and execute there security measures properly. The Security concerns for small businesses would depend on kind of business they are engaged in. A software development firm may want to guard their important data even from its employees. A SM Company might want to guard their valuable commodities like jewelery from theft. Some would want to monitor their godowns and storage. Production and manufacturing unit may want to screen Personals for a possible theft of raw materials etc.
The advancement in the technology have evolved over the years by understanding the needs and threats for organizations. A business owner (out of ignorance or cutting expenses) should not compromise on Security of their organizations. In a broader picture, a properly implemented security system will reduce cost of man guarding and prevent losses by raw material theft, robberies, secret leak etc.
These are the prime areas of implementing a security system-
1) Premises- You may need fencing, site surveillance CCTV, patrolling guards, etc.
2) Entrances and exits- You may need to monitoring exits or entrances with CCTV. Install metal detectors or door alarms.
3) Authorized Entry- An access control system for employees according to hierarchy levels. Issuing of access control cards will also help in attendance at main entrances.
4) screening- at production units, where the employees handle raw material.
5) Response method- installing security or fire alarms, emergency security dialer which can automatically call and inform 10 telephones numbers when the alarm is triggered.

Saturday, October 10, 2009

DO EMI & Video Signals Mix? No they do not.

DO EMI & Video Signals Mix? No they do not.

EMI (Electromagnetic Interference) is a disturbance in an electrical circuit.  The source of EMI can be any object that contains rapidly changing electrical currents.  Almost anything that uses electricity to operate is a source of EMI.  The problem with EMI, concerning surveillance, is that it distorts video signal.  When installing a CCTV system, it’s important to run cables away from sources of EMI.  Otherwise, the video feed on the DVR will be extremely fuzzy.  This should definitely be taken into consideration when installing a surveillance system in an industrial environment.  One common source of EMI is fluorescent lighting.  Fluorescent lights are common in industrial areas.   Running cable close to these lights should be avoided at all costs.  If cabling absolutely has to be run close to fluorescent lights, then it should be ran in some type of conduit that is properly insulated and will create a barrier between the video cable and the light.

Saturday, October 3, 2009

Your cell phone to home wi-fi network Connection

Connect your cell phone to home WIFI network ( BSNL Broadband) & Watch your Office

Requirements :
* Wifi enabled Handset
* Active Internet Connection with WIFI router modem

Configure your router modem to use the PPPPoE connection type
Restore your router to factory settings (Preferred & recommended). See your router manual. Type in   192.168.1.1 in your url address bar and hit enter.  You will be prompted for a username and password which generally is admin and admin respectively unless you have not configured it manually. Also, the default username password could be different if you have a different model. Refer your router manual.
192.168.1.1 is an IP address in the private IP address range 192.168.0.0 – 192.168.255.255. Many network devices, such as LinkSys routers, use 192.168.1.1 as their default IP address.


Now follow these steps :





Configure your Wireless Security :


TCP/IP Settings:



Now, Configure your phone:  ( I  AM USING NOKIA 5800 XM )









Here we are !  Now Browse wireless @ great speed without 3G hassle ( at least when you are in WIFI hotspots ! )

Monday, September 28, 2009

A Brief Introduction of NVR

A Brief Introduction of NVR | IPC Systems
Network Video Recorder namely NVR, is an internet protocol based device that sits on your network and is a centralized, networked recorder solution that connects multiple IP cameras simultaneously. It can record video in a digital format to a disk drive, SD memory card or other storage devices. Because they are IP based, network DVR can be managed remotely via your LAN or over the Internet giving you greater flexibility.

Best Wireless Outdoor Security Camera System for Home & Business Surveillance
Are you tired of the long cables? How can you get rid of it? With the arrival of the high definition monitoring age, NVR system becomes the main stream of security industry for monitoring. Because of its characteristics, it becomes popular among users.

Main Features of a NVR Security Camera System

1. Wireless solution -- No cables are needed for wireless outdoor security camera system, free yourself from long video audio wires and enjoy the convenience of wireless.

2. Safety Transmission & Monitoring -- Under a private network transfer protocol, this network video recorder ensures security during video transmission and network remote monitoring of your cameras.

3. Plug-n-play, Hassle-free Setup -- There is no need to incur the cost of hiring and installation technician, as NVR is easy to setup n a matter of minutes. Just connect power to the NVR, join your network, and you’re done.

4. NVR Auto Add IP Camera -- Once the system has started, intelligent IP search software will automatically begin searching for IP cameras in the same local network. Up to four cameras will be added to the NVR automatically.

5. Instant Email Alerts if Alarm is triggered -- This system is designed to send an email alert, complete with photo of the activity, if alarm is triggered, or if it experiences exception such as hard disk error or no space.

6. Super Convenient Control via IE Browser -- Via IE browser, nearly all of the NVR actions can be implemented including: real-time preview, download and playback of video footage, configuration of NVR parameters, and upgrade of devices.


In all,now New NVR features a compact and elegant appearance, optimal metal housing of the four IP cameras enables them to work in various weather conditions wirelessly. It is a perfect choice for someone who does not want to drill holes on the wall, which save trouble on cables and wires. With the digital wireless condition, NVR security systems enable you to monitor your home or business anywhere anytime which ensure your home safety and give you peace of mind around the clock.

Thursday, September 17, 2009

The trouble with wireless system

Marketing literature regarding wireless systems (of all types) generally paint a picture of effortless installation with uncompromised operation. Unbelievably these wireless products don’t always live up to the promises made in the bumf. I will never forget when a colleague of mine installed a satellite navigation system with a Bluetooth wireless connection between their PDA and the GPS device. Both the PDA and GPS devices had batteries that lasted about an hour, so for most journeys they both needed to be plugged into the car's cigarette lighter socket. As there was only one socket my colleague required another device to allow the connection of multiple plugs. The Bluetooth connection between the devices would work fine, until you got to a tricky roundabout in Paris and then it would stop working inexplicably. This meant another cable was required to connect the PDA to the GPS. In addition, to fix the PDA in position a large piece of plastic with a sucker on one end was required. With wires dangling everywhere the whole thing felt like Darth Vader’s bathtub. Definitely not as advertised.

Sometimes wireless systems just don’t work properly. Any of you with experience of the cheap and cheerful intruder alarm systems that have been available from DIY stores for years will know what I mean. It may or may not be the case now but these systems have a well earnt reputation for being unreliable. The problem seems to be not only the wireless technology used but also the way it has been incorporated and used in the system design. Whatever the reason it’s no good.

Whichever way you look at it a wireless connection is not as reliable as a wired connection. Wireless links are affected by their environment and this can change in ways that can be anticipated and ways that can’t. Large metal things like cars being parked in the wrong places can cause problems for example. In addition, every building has a unique environment and this makes specifying what equipment to put where very difficult. 

Having spent the last few paragraphs chiding wireless systems I would like to announce that Paxton Access are soon to release a wireless Net2 control unit. 

It’s called the Net2 nano control unit and it has been designed with all of the above problems in mind. The 'wireless bit' is the data connection from the PC to the control unit. Here are my answers to some of the issues raised in the earlier paragraphs:

If I still have to wire in the power supply, reader and exit button then what’s the point?
Wiring a dedicated RS485 network is often the most time consuming and problematic part of a Net2 installation. Not having to cable round the building is a big plus for a lot of projects. We sell a lot of Switch2 stand alone systems precisely because you don’t have to wire all the control units together. We can now offer PC based features with the ease of installation that comes with stand alone systems (does that sound too much like the marketing material I was berating in the first paragraph?)

How can I specify what equipment to use if every building has a unique environment?
We have an installer tool called a Net2Air site surveyor. This consists of two parts, a USB plug-in transmitter, and a battery powered keycard with signal strength LED’s. When doing a site survey, plug the transmitter in where the Net2 server PC would be located. Walk around to each door checking the signal strength on the keycard. If you get green LED’s lighting up then that’s fine. If you can only see red LED’s then the signal strength is not good enough.

What happens if somebody parks a bus in front of the control unit and breaks the wireless connection?
It doesn’t matter. The wireless connection is only used for transferring data such as access events and new access privileges. All decisions regarding access are made locally at the control unit. This distributed intelligence means that if the wireless connection is broken the system continues to allow access to authorised users in the usual way. When the connection is restored the events are uploaded to the PC.

What if I install the system and it just doesn’t work?
If you install a control unit and it is out of range we have a TCP/IP wireless repeater. This device plugs into the computer network at any point and will extend the wireless network in all directions around that point. This device has the option of using Power Over Ethernet for convenience.

Will the wireless signal damage my children and make them go orange?
No. The type of wireless communication used by Paxton Access is a low power technology designed to work using batteries. The specifications have been determined by the IEEE commission (the people responsible for WiFi) and its signal strength is approximately 5 times weaker than that of the wireless PC networks that most people currently have at work and in their homes. Signal strength should not be confused with the range as in many cases the range of our low power technology is equal to that of WiFi.

What if the Net2 nano wireless control unit just isn’t suitable for use on a particular door?
No problem, use one of the other Net2 control units (Net2 classic, RS485 or Net2 plus, TCP/IP). All Net2 control units are designed to be mixed and matched as required.

Monday, September 7, 2009

Section 43 Of The Information Technology Act, 2000(amended in 2008) in INDIA

Section 43 Of The Information Technology Act, 2000(amended in 2008) in INDIA

Internet is a window to me. Well, it is a window to millions of users like me. This window brings in good inflow of knowledge, some sweet breeze of friendships, economic inflow for some, and also dusty wind which carries viruses.  Even those, who do not access internet from their own computers, may bring to their own “safe computers” or to other’s computers all these unwanted pollutions by secondary methods like CDs, Pen drives, Floppies etc. I bet that every common man, woman or a school going child who uses computer, is afraid of pollution of computer.  There are hundreds of modes to pollute a computer ……nonetheless, hundreds of reasons too for doing this mischievous act. The Indian Information Technology Act recognizes two  most prominent modes of polluting the computer under section 43© , i.e introducing or causing to introduce computer contaminant and computer virus. Note that the mode is a two folded mode, i.e either directly introducing or causing to introduce.  This direct or indirect operation includes introduction of any computer contaminant and/or computer virus to the computer as a machine, computer system and the computer network as a whole.
Look at the draftsmen’s  particular observance on the distinguishing feature of ‘computer contaminant’ and ‘computer virus’….explanation to section 43 says under clause (i) that “computer contaminant” is a term which has been used to indicate “any set of instruction” which is designed to
(a) modify,
(b) destroy,
(c) record,
(d) transmit  any data or programme residing within a computer . The term also includes any set of instructions which is designed by any means, to  usurp the normal computer operations. This means that this provision penalizes any or the whole activity done in this course.

             Now, coming to the term “computer virus”, the first thing which came in my mind was the usage of the term “virus” in the very thought provoking movie “3 idiots”. The protagonist and others in the movie named the strict disciplinarian head of the institution “Virus”. It was a short form of his name “Veeru Shasrabudhhi”. But I felt that probably the movie wanted to establish the fact that “Virus” was polluting the minds of young aspirant researchers……………..exactly the way computer viruses pollute the data within the computers which may have been produced after real hard work. The legislation aforementioned in its explanation under clause (iii) clarifies what is meant by the term “computer virus”. It is explained as computer instruction, data or information or programmes that can either destroy, damage, degrade, adversely affect the computer functioning; or can attach itself to another computer resource and operate simultaneously when any data , instruction or programme is executed in that computer resource. The language of the legislation therefore indicates that ‘computer virus’ can include ‘computer contaminant’ too. Nonetheless, computer virus and computer contaminant could be the two prominent modes for hacking, besides monitoring and modifying the contents. Section 43 regulates such pollution of the computer (inclusive of computer contamination and polluting the computer through virus attack) by awarding pecuniary sanction of Rupees 1 Crore which the guilty person has to pay as compensation to the person affected as such.

Taking this provision as the base, hacking and modification of the content by such “pollutions” have also been regulated by Information Technology Act, 2008 under Section 65 (especially when the offense includes destruction, alteration of the computer source code which is required to be maintained by law for the time being in force) and section 66 (which includes all the offences as has been mentioned under Section 43, including ‘polluting’ the computer). Section 65 awards sentence which could be either imprisonment term up to 3 years or  pecuniary sanction which may extend to two lakh Rupees , or both; whereas section 66 awards sentence which could be imprisonment which may extend to three years , or pecuniary fine of  five lakh Rupees, or  both.


Hence do not take computer contamination or virus attacks lightly. If you are a programmer and you are asked to create any such programme, think again how it may affect you if you were the victim. If you are the victim, do not encourage any “techy” to beat the wrongdoer. The law is there to help…..however, how far it can be used and executed, remains still a matter of debates.