|
|
|
|
|
|
by sirmoveon
1357 days ago
|
|
|
I'm with you in considering any software in the cameras as a threat, that's why you keep the cameras isolate from the internet. I've audited a few cheap chinese ones and they were indeed filled with vulnerabilities and unknown services running in high ports. The idea that you can't effectively isolate them network wise is just a stretch. |
|
|
> Switches were not designed as security devices. Their use as such simply evolved over time, and is ancillary to their main use as devices that improve network performance. If you use a switch for security reasons, you are relying on the correct configuration of the switch, including understanding not only the standards that the switch software is based upon, but also the correct implementation of those standards. The 802.1Q spec itself is 211 pages long, and is only one of a handful of standards that a compliant switch manufacturer must support. Any time that you need to segregate networks for serious security purposes, I recommend that you not use a switch.
"Framework for Layer 2 attacks" (2005), https://www.blackhat.com/presentations/bh-europe-05/BH_EU_05...