122 NOVEMBER 2019|COMPUTER SHOPPER|ISSUE 381
HELPFILE&BUSINESSHELP
I’ve got acouple of ancient Y-cam IP
cameras, specifically they’re Knight SDs
dating from about 2010. Y-cam long ago
stopped supporting them, but theystill
work quitewell, poor resolution
notwithstanding. Currently Iuse one,
connected wirelessly,tomonitor our
downstairs hallway. The second one is
out in the garage recording directly to
an 8GB microSD card.
Theyhaven’t recorded anything much
to worry about over an entire decade,so
I’m loathe to spend moneyupgrading them.
However,I’m aware that although they’re
running the most recent firmware,it’s
from 2014. Are theysecure and, if not, is it
safetokeep using them?
SteveLewin
The answer depends on exactly how they’re
being used. Presumably the camera out in the
garage isn’t connected to your network.
Provided you disabled wireless networking
from the Wireless Setup page in its Network
menu, there should be no risk of anyone
accessing it remotely.Ofcourse,anyone
breaking intothe garage could theoretically
steal the camera’s microSD card, leaving you
without any footage.
Things are more complex with the hallway
camera. We generally recommend disabling
features such as universal Plug and Play
(uPnP) and dynamic DNS (DDNS) on IP
cameras unless they’re absolutely essential. If
you never need to directly access the camera
from outside your own network, make sure
that both features are disabled. Youshould
also visit the User Management page under
the Tools menu and ensure that the
anonymous access box is not ticked.
If you’re particularly concerned about
access from the internet, log intoyour
AremyIPcamerassafe?
router’s admin interface and find the firewall
rules, usually contained in asecurity menu.
Here you could add new rules that specifically
block any outbound access from, or inbound
access to,aspecific IP address on your local
network. This will only work properly if you
first allocateyour IP camera areserved IP
address, and you can usually do this from the
router’s LAN or IP setup page.While you’re
editing router settings, disable uPnP there
too, unless you really need it.
These steps should help prevent the
camera being accessed from the internet,
and thus protect you from aremoteattacker
exploiting any security weaknesses. However,
the camera’s firmware predates the 2016
discovery of the keyreinstallation attack
(KRACK) Wi-Fi vulnerability.Assuch, it
could provide aroutefor adetermined
hacker to gain unauthorised access to your
home network. It’s highly unlikely that
you’d be the target of this kind of attack, for
which the attacker would need to be within
range of your Wi-Fi signal, but you could
protect yourself by switching the camera to
awired Ethernet connection. Remember to
also disable the wireless interface from its
setup menu.
⬆Add more security by blocking incoming or outgoing internet traffic at the router
⬆It’s good to keep uPnP and DDNS switched off,but the camera still has internet access
