Hot Diggety! Tracy Reed was rumored to have written: > On Mon, Apr 26, 2010 at 08:38:58PM -0400, Dan Foster spake thusly: > > We had some great IP-based security cameras but we discovered they were > > Linux based and wide open to multiple vulns thanks to our vuln scanner. > > I wouldn't think it a good idea to put cameras out on the public net > anyway. Wouldn't you put your camera on a private network which only > the camera server/recorder has access to?
Oh, I agree. But the security team has an expectation that even if a device is only exposed to an internal network or somehow locked down but yet has serious (critical) vulnerabilities, it will either be quickly remediated, acceptably ameliorated, or removed. Not unreasonably so. In this case, it worked out to just simply removing it since we couldn't make a strong enough case considering its EOSL status and internal politics. We couldn't even dispose of them in any meaningful way because we had no realistic way of scrubbing data already on the internal storage device... That was an interesting experience, all considered, but one that I'm not particularly eager to experience again. :-) I think I'd probably have had preferred dedicated security cameras (whether IP-based or not) at a better price point. And which could be better amortized had I known all of this up front and had a choice in the beginning. (Not an option here.) Ah, well, in the end, we survived. :-) But I'm meandering off the topic. PoE cameras sounds great. Axis makes some pretty good stuff from what I've seen in the past for other models. I used to know some folks working at an IP PoE network device provider in Texas and a few other locales, but sadly, I think they disbanded and folks scattered, or I'd informally ask my contacts for some suggestions. -Dan _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
