Can we get a Go Fund Me going? We need to get this man a rack.
@xxcr4ckzzxx8404 жыл бұрын
Make it 2. He will probably get some more servers lol
@latenight68154 жыл бұрын
He can buy it himself but he prefers to build it from scrap that's more enjoyable
@Fanaz103 жыл бұрын
@sailorashore or literally everywhere
@itcertsstudy83923 жыл бұрын
Real pros don't even use computer cases, they just drill some holes in some planks.
@Roedy_Coedy3 жыл бұрын
Its so refreshing to see a youtuber that cobbles stuff together to make what they need rather than saying "Hey, Ubiquiti, send me some stuff!". You sir, are my spirit animal. I've subscribed.
@Call_Me_David4 жыл бұрын
Noticed a very distinct humming coming through your lav when you touched the MB at 6:16.
@TechwithShae4 жыл бұрын
Yeah it was some sort of ground hum. Not entirely sure why.
@xxxXXXCH04XXXxxx4 жыл бұрын
What are you paying attention to? lol
@JasonLeaman4 жыл бұрын
You need to build a windows 10 VM and run Blue iris :) then setup the vlans :) then block all traffic except RTSP from the cameras :) Good video !
@EpicLPer4 жыл бұрын
Currently working with some other guys on reverse engineering the Sonoff security cams cause their hardware is pretty nice yet cheap. We already found some really nasty stuff in there including full private keys and certs for their API.
@mar52534 жыл бұрын
lookinf foward to the next video Shae. Thanks for this one
@souta954 жыл бұрын
AFAIK, most US-based ISPs don't allow you to get two public IP addresses. One thought I had is that many DD-WRT-capable routers support assigning VLANs to their switch ports, this plus a couple unmanaged switches may be another way to attack this.
@JasonLeaman4 жыл бұрын
He's in Canada, with Telus we get 3.
@user-zr7kz4vs7c4 жыл бұрын
Hope you can make a video about your IP camera system setup and tips and tricks about that, like your videos a lot, thanks for the content!
@trend_nosig4 жыл бұрын
Excellent channel! So my network has grown over the years and now it's a mess. All my IOT devices, IPC's, NAS etc are on the same network. Please post a full video on your home automation.
@bagassetiawan1478 Жыл бұрын
can you show me about your firewall rule in pfsense for your camera? I kinda noob to set this up.
@rasithapr4 жыл бұрын
Can you share ur firewall rules in pfsense?
@nbarragerАй бұрын
It also doesn't inspire confidence that cameras that use onvif or rtsp instead of XMeye are often double the price
@iamonline322111 ай бұрын
what are the biggest risks. I don't care others will look at those cameras, but does it a threat to my laptops and phone security as well ?
@carloscervantes8364 жыл бұрын
How about using a guest network for IOT stuff to separate them if all you have is wireless IOT devices? Most routers have the ability to set up a separate guest WiFi network but I'm not sure on that IP provided one you show.
@richardross38153 жыл бұрын
well done buddy......well done
@thomasvakyren7 ай бұрын
They also pose a privacy risk. Some garbage that forces a cloud connection to work, from a company with a stated policy about collecting location data, all routed to their server base in china. Brilliant.
@brocktyler28183 жыл бұрын
Thanks Shae
@andymok79459 ай бұрын
Just say no to cloud based security or other devices. Local control or forget it. Should consider using Frigate NVR. Also limit which machines have access to the camera system.
@Aa-es8cg4 жыл бұрын
Sir I have a question. Can i make a wlan without a network cable, i run it with wireless wifi.
@rajilsaraswat97634 жыл бұрын
Since you have two public ip addresses, does the ISP divide the total bandwidth allocated to you between these public IPs? If not you can double your internet speed by load balancing between these two wans. Can you talk about why you have wyze camera linked to your mqtt server?
@TechwithShae4 жыл бұрын
Unfortunately the bandwidth cap is shared between IP addresses, so no speed gains. I was experimenting with custom firmware on the Wyze cam which enables Mqtt and exposes all sensor data (such as ambient light, motion and camera stats) to home assistant. github.com/Dafang-Hacks/Xiaomi-Dafang-Hacks/blob/master/README.md
@maxmeier532 Жыл бұрын
@@TechwithShae I know it was meant as a joke, but seriously, what would happen if someone used the ethernet cable of an outside ip-cam and tried to gain access to the network, what could happen?
@solmesteren4 жыл бұрын
Thank you! Great video!
@maxmeier532 Жыл бұрын
I know it was meant as a joke, but seriously, what would happen if someone used the ethernet cable of an outside ip-cam and tried to gain access to the network, what could happen?
@billballoo78812 ай бұрын
What if you have wireless cameras?
@bret444 жыл бұрын
i just give the cam a static ip and block it from internet access my routers firewall.
@BroadbandBrat4 жыл бұрын
Al you have to do is omit the gateway IP address from the config and the cameras will be unable to send data outside of you network.
@TechwithShae4 жыл бұрын
Sure that works, but I wanted to make sure I was also protected from a physical infiltration (like I joked about in the video). By having them on a seperate VLAN, it stops someone from be able to physically access my network / servers from one of my more remote camera locations such as the back alley. Yeah it's probably overkill, but I take security very seriously.
@BroadbandBrat4 жыл бұрын
@@TechwithShae Nothing wrong with added security for sure.
@64vista4 жыл бұрын
will you want to try Shinobi NVR software? :)
@TechwithShae4 жыл бұрын
I have been keeping an eye on the development of shinobi. I have been very happy with Blue Iris but it is fairly resource intensive. So the question is yes I do, and I will at some point.
@solmesteren4 жыл бұрын
How can people secure their server(s) (games, websites...)? Is it best to have the server(s) on one vlan and the rest of your lan on one?
@TechwithShae4 жыл бұрын
Depending on what kind of servers you are running, it definitely does not hurt to isolate them. If I was running a web server or game server I would definitely have it isolated.
@Wojas230334 жыл бұрын
cant i separate those 2 networks with pfsense router?
@MarkRose13374 жыл бұрын
Yep, you can assign each port on a pfSense device to have a separate VLAN.
@Wojas230334 жыл бұрын
@@MarkRose1337 can I do this with dumb switch and pfsense or do I have to have them connected directly to pfsense router?
@MarkRose13374 жыл бұрын
@@Wojas23033 A dumb switch will usually operate on a single VLAN only. So if you plug that switch into a different port of your pfSense device you can assign a single VLAN for everything connected to the switch. If you get a layer 2 smart switch it will almost certainly support setting VLANs per port.
@Wojas230334 жыл бұрын
@@MarkRose1337 thank you, it helps me a lot!
@EmilePolka4 жыл бұрын
the last option is probably not feasible, PPP only get 1 IP address, even DHCP will let you get multiple address but not all ISP do that, in my case my ISP is in DHCP but if for some reason that you leased another IP with another router, the 1st router that leased a IP will automatically disconnected to the internet and the new leased will only the one gets a internet connection, some ISP actually bind the IP address to 1 MAC address until the lease expires once the lease expires you can use different mac address to assign a wan ip address to it. its probably much easier just get a cheap 8port (pseudo) managed switch, those cheap managed switch usually dont have L3 Routing but at least its VLAN aware. Or maybe your router support DD-WRT or OpenWRT which may turn that old router into a pseudo managed switch (as it can be used for VLANs). There are also some switch available out there in chinese market if you search for VLAN switch that actually have a switch on it that sets the VLAN on or off, that switch is actually just a isolation switch (pretty much like what a AP isolation can do) if the VLAN switch is ON, you can only communicate on the uplink which is your internet source if you want but not on the other ports connected to it.
@ikkuranus4 жыл бұрын
The bottom 2 rules on your CCTV Vlan are doing nothing. Granted, you are still blocking those subnets due to not allowing them in the first place.
@bonelifer3 жыл бұрын
What cameras are you using from aliexpress?
@k1ngjulien_4 жыл бұрын
holy shit those cameras sound amazingly insecure ^^. I'd never want my IP cams to connect to anywhere outside my network.
@timramich4 жыл бұрын
I don't understand, whatsoever, this whole VLAN thing.
@RockTouching4 жыл бұрын
Scary stuff indeed, but the alternative method doesn't prevent the Chinese govt from snooping on you :P
@TechwithShae4 жыл бұрын
Very true. I personally have nothing to hide so bring on the peep show! As long as they have no way of getting into my computers and servers.
@pepeshopping4 жыл бұрын
Port bridging has nothing to do with the routing functionality you are talking about. You can have isolated routed networks regardless of your ISP mode or features! Nonetheless, now we know your network knowledge.
@TechwithShae4 жыл бұрын
Thanks for the feedback!
@pepeshopping4 жыл бұрын
Duhhh, isolate them so they don’t send data to the Internet (only through an app you control and on another network(. I always turn the P2P feature off and only use ONVIF. I would not let them use DHCP in order to have more control and monitor their traffic easier.