RE: Securing a Barracuda DVR video surveillance system?

["Mike Harlan" <mike () spacedata biz>]

If the cameras are wireless, you'll have to watch out for warspying.  Also,
by opening a bunch of interesting ports on your router is always going to
attract unnecessary attention.

> -----Original Message-----
> From: Jeff Davis [mailto:jeff () dynamictelecard com]
> Sent: Monday, July 25, 2005 10:38 AM
> To: security-basics () securityfocus com
> Subject: Securing a Barracuda DVR video surveillance system?
>
> I have a company that wants to run a 'Barracuda DVR video
> surveillance system' and use the remote viewing capabilities.
>
> I was curious is anyone on the list has
> experience in trying to secure this.
>
> I just got a copy of the installation instructions,
> and there is no mention of how to secure this.
>
> In fact its basically run the install, open a
> bunch of ports on your router.
>
> For the client it tells it only works in IE,
> and then to change your security settings so
> that IE prompts you to allow downloading and
> initialization of unsigned ActiveX controls.
>
> I contacted the company and asked some
> questions about the software.
> I got what I expected.
>
> "The webserver is proprietary..."
> "The database is proprietary..."
> ..etc...
>
> I did get told that they prefer that you
> *not* run any anti-virus software on the
> box, because some of them interfere
> with the surveillance software and also
> degrade performance.
>
> If anyone has more info on this,
> I would greatly appreciate you sharing.
>
> Thanks,
>
> Jeff