Re: Internet camera connection -

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 02/06/2018 02:56 PM, Bob Goodwin wrote:
> I bought twoptz cameras which can be viewed and controlled with the
> family iPhonesand of course they would like to use the "Armcrest"
> cloud/server in order to view them while away during the day. The
> cameras would connect to my LAN and via my router to the Viasat modem. I
> have always tried to avoid such connections to my system and doing this
> is worrisome.

This is typically how most things such as SimplySafe and most home
automation systems). It's essentially a TURN system to utilize the
restricted cone NAT on your firewall. The cameras report out to the
Armcrest server. This opens an outgoing pipe through your firewall
which permits Armcrest to come back through your firewall to connect
to the cameras. The app connects to Armcrest and uses the information
there to get back to your cameras. This is essentially the "RELATED,
ESTABLISHED" conditions you may be familiar with in iptables.

In home automation, the cone NAT connection is generally only between
the automation hub and the cloud service, with the hub doing the heavy
lifting of talking to the automation devices (the individual devices do
NOT talk to the cloud--just the hub).

Is it dangerous? Well, anything that permits incoming data through your
firewall can be bad, but this is generally restricted to just allowing
Armcrest through your firewall in a bidirectional mode. It doesn't poke
other holes and the TURN/cone mechanism only allows incoming data from
the Armcrest server. So it's something to watch, but I wouldn't panic.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital    ricks@xxxxxxxxxxxxxx -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-       A squeegee, by any other name, wouldn't sound as funny.      -
----------------------------------------------------------------------
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux