RE: Securing a Barracuda DVR video surveillance system?

From: Murad Talukdar (talukdar_m_at_subway.com)
Date: 07/27/05

  • Next message: DeGrippo, Sherrod (IARC): "RE: vuln testing" 
    Date: Wed, 27 Jul 2005 12:51:26 +1000
To: 'Jeff Davis' <jeff@dynamictelecard.com>, security-basics@securityfocus.com

    Jeff, some of the stores in our system have done something similar.
    One or two of them have used VPN's to be that bit more secure when
    connecting back into the store.

    Does the system have its own machine onsite which monitors and collates? Or
    is the system actually remote and only camera data is sent to the remote
    machine?

    Murad
    -----Original Message-----
    From: Jeff Davis [mailto:jeff@dynamictelecard.com]
    Sent: Tuesday, July 26, 2005 1:38 AM
    To: security-basics@securityfocus.com
    Subject: Securing a Barracuda DVR video surveillance system?

    I have a company that wants to run a 'Barracuda DVR video
    surveillance system' and use the remote viewing capabilities.

    I was curious is anyone on the list has
    experience in trying to secure this.

    I just got a copy of the installation instructions,
    and there is no mention of how to secure this.

    In fact its basically run the install, open a
    bunch of ports on your router.

    For the client it tells it only works in IE,
    and then to change your security settings so
    that IE prompts you to allow downloading and
    initialization of unsigned ActiveX controls.

    I contacted the company and asked some
    questions about the software.
    I got what I expected.

    "The webserver is proprietary..."
    "The database is proprietary..."
    ..etc...

    I did get told that they prefer that you
    *not* run any anti-virus software on the
    box, because some of them interfere
    with the surveillance software and also
    degrade performance.

    If anyone has more info on this,
    I would greatly appreciate you sharing.

    Thanks,

    Jeff

  • Next message: DeGrippo, Sherrod (IARC): "RE: vuln testing"

    Relevant Pages

    • Re: securing ODBC connection details in ASP apps on IIS 6
      ... If you are using ODBC you can use a DSN, which stores the details in the ... You can secure the relevant registry keys (if you're afraid ... This script works fine on win2k. ...
      (microsoft.public.inetserver.iis.security)
    • Re: IM Security
      ... > I am doing some research on ways to secure our network from IM and IRC ... We were looking at going with a business solution like Lotus ... Jeff Derbyshire ...
      (Security-Basics)
    • Securing a Barracuda DVR video surveillance system?
      ... surveillance system' and use the remote viewing capabilities. ... I just got a copy of the installation instructions, ... and there is no mention of how to secure this. ...
      (Security-Basics)
    • Re: IP Level Encryption
      ... Jeff wrote: ... > write a program every bit as secure (probably moreso) using C as a ... further reduce the probability of error. ...
      (sci.crypt)
    • Re: EU aka who *really* pulls the strings in Brussels
      ... 1x Labyrinth, The ... 2x Information Highway ... 1x Secure Haven ... Jeff is right again that Perfectionist would be great here, ...
      (rec.games.trading-cards.jyhad)