Good advice from apple in another thread - especially the bit about UPNP, and it reminded me about something I discovered recently.
Last week a friend forwarded a link to a "security website" that had used SHOGAN to gather several tens of thousands of urls to common webcam paths. So far, old news. This is what SHOGAN does.
But that site then presented them as a "webcam war" type thing - presenting two streams, click on the more interesting. Okay, dubious morality (there was a disclaimer to say it operated on the assumption the owners were knowingly broadcasting), but I was interested in how these cams were getting out - not many people have the knowledge to port-forward through nat.
Turns out, it's UPNP. I haven't paid much attention to this technology so wasn't aware of what it did, exactly. Basically, it allows any device within your network to open any inbound port it fancies to itself from the internet.
Well, in this case - Joe Punter buys an ip camera to watch his kid, car, house, garden, whatever, plugs it into his network. The defaults on some of these are quite surprising - especially the myriad of Foscam clones (you know, the little golfball pan-tilt cams that are flooding the market - they nearly all use variants of the Foscam firmware with various UIs over the top). But I also spotted vivotek, netcam and axis urls.
The defaults on the camera are to traverse the router's upnp and open an external web port, not only giving the world and his dog the ability to view the camera without any password at all, but also registering the camera on a ddns service specifically for webcams. With a sequential id. Oh, and no password for admin access.
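
An added example, not part of the post above: a way to audit what devices have opened on your own router, by parsing the `GetGenericPortMappingEntry` responses a UPnP IGD router returns and flagging mappings like the camera's. The responses, addresses, descriptions and the `WEB_PORTS` set are constructed assumptions; the field names are those of the IGD WANIPConnection service.

```python
import xml.etree.ElementTree as ET

FIELDS = ("NewRemoteHost", "NewExternalPort", "NewProtocol", "NewInternalPort",
          "NewInternalClient", "NewEnabled", "NewPortMappingDescription")
WEB_PORTS = {80, 81, 443, 8080}  # assumption: internal ports treated as a web UI

def sample_response(**values):
    """Build a constructed GetGenericPortMappingEntryResponse (not captured traffic)."""
    body = "".join(f"<{k}>{values.get(k, '')}</{k}>" for k in FIELDS)
    return ('<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
            '<u:GetGenericPortMappingEntryResponse '
            'xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
            f"{body}</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>")

def parse_mapping(xml_text):
    """Extract the mapping arguments; these child elements carry no namespace."""
    root = ET.fromstring(xml_text)
    found = {el.tag: (el.text or "").strip() for el in root.iter() if el.tag in FIELDS}
    missing = [f for f in FIELDS if f not in found]
    if missing:
        raise ValueError(f"not a port-mapping response, missing {missing}")
    return found

def audit(responses):
    """Return (severity, description) for every enabled mapping."""
    findings = []
    for raw in responses:
        m = parse_mapping(raw)
        if m["NewEnabled"].lower() not in ("1", "true", "yes"):
            continue  # mapping exists but is switched off
        internal = int(m["NewInternalPort"])
        any_source = m["NewRemoteHost"] == ""  # empty remote host = whole internet
        web = m["NewProtocol"].upper() == "TCP" and internal in WEB_PORTS
        severity = "HIGH" if (any_source and web) else "REVIEW"
        findings.append((severity, f'{m["NewProtocol"]} {m["NewExternalPort"]} -> '
                         f'{m["NewInternalClient"]}:{internal} '
                         f'"{m["NewPortMappingDescription"]}"'))
    return findings

SAMPLES = [  # constructed: a camera web UI, a game console, a disabled entry
    sample_response(NewExternalPort=8081, NewProtocol="TCP", NewInternalPort=80,
                    NewInternalClient="192.168.1.50", NewEnabled=1,
                    NewPortMappingDescription="IPCAM"),
    sample_response(NewExternalPort=3074, NewProtocol="UDP", NewInternalPort=3074,
                    NewInternalClient="192.168.1.20", NewEnabled=1,
                    NewPortMappingDescription="console"),
    sample_response(NewExternalPort=2222, NewProtocol="TCP", NewInternalPort=22,
                    NewInternalClient="192.168.1.9", NewEnabled=0),
]

if __name__ == "__main__":
    for severity, text in audit(SAMPLES):
        print(severity, text)
```

A HIGH finding is a device publishing its web interface to every source address; the fix is to turn off UPnP on the router or on the device and set a password on the device itself.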