This is only theoretical, since I don't have any cameras with tamper switches, and don't know how configurable they are. This alone could prevent most attacks, but it requires a managed switch and some programming ability. If an attacker removes the camera from the wall, the script should completely disable that LAN port on the switch and alert you to the intrusion. Configure the tamper switch to execute a script on activation that will immediately down the network port that the camera is connected to and trigger an alarm (you'll need to allow this trigger to pass through your firewall). Enable security features to prevent Layer 2 attacks that could be used to access other devices on the switch. If you can afford it, use a managed switch for your camera network. ![]() Don't allow any unsolicited inbound traffic from the camera network. Add a stateful firewall between the cameras and the NVR and only allow outbound traffic from the NVR that is necessary to monitor and control the cameras.
0 Comments
Leave a Reply. |