Nostr Web Client

Amcrest wired IP cameras connected to a Synology with surveillance center on a vlan. Need to get a dedicated switch for them. I do have their doorbell camera over wifi, but that one is a royal pain. Thinking about adding another wired camera to the front and just get a normal doorbell.

ChipTuner 10mo ago

Ah another vote for Amcrest! Yeah if you can afford to make it happen, a physically separate network is definitely the way to go!

Reply to this note

Please Login to reply.

Discussion

Daniel Wigton 10mo ago

I forgot that I actually do have a small poe+ switch for the cameras. I need a router with more interfaces though. I vlan all the crap I don't want talking to other things. I wish I could define a lan where anything on it had 0 permission to talk to anyone at all, even peers. Don't speak unless spoken to.

Maybe some fancy switches can do that.

ChipTuner 10mo ago

I think this can be done at l2, I have heard of something like that but anytime you have tagged traffic access you can hijack a connection. Which I assume is the case for your hypervisor hosts (it is for mine) I need to be able to put VMs on certain vlans and the host needs to be isolated. So at that point it doesn't really matter what you do if anything on l2 can access it if it wants to.

Daniel Wigton 10mo ago

Yes. I have a trunk to my hypervisor. Most ports are untagged though or default to an unused vlan id. So there are maybe 4 devices that could in theory jump vlans, but if any of those are compromised I am toast anyway.

ChipTuner 10mo ago

Yup. I'd argue depends how they get compromised but yeah.