Thibor Port Redirection & Camera Security

Discussion in 'HyperWRT Firmware' started by joelinkup, Nov 6, 2007.

  joelinkup

    I have a WRT54GL Router with the Thibor 15c firmware (wonderful) and 4 Panasonic BL-C131A Cameras...ALL works GREAT...However, in order to use the 4 Cameras I must have 4 Open Ports...I also have Dynamic DSL so I use a DNS Server...When I ping the IP/Ports and the cameras are Active there is a response...When the cameras are unplugged there is no response...OK...All is good and works well...BUT I discovered that if I use PORT REDIRECTION instead of Port Forwarding I can still have the Cameras work OK...BUT if you ping either the REAL IP/Ports or the Redirected IP/Ports you DO NOT get a response...Therefore, the Open Ports when using this configuration are more difficult to be seen by a hacker is my thought...But the Cameras work just fine...This seems to be a major security boost using Port Redirection...Am I on to something or is there really no extra security measures going on here...Thanks a lot...
  RonWessels

    The reason that connections work but ping doesn't is because ping is neither TCP nor UDP. It is ICMP. ICMP packets are not port-forwarded.

    Port probes typically do not use pings for exactly this reason. They attempt to open a connection, which would get port-forwarded.
  joelinkup

    Ron...I do not fully understand your explanation...Does this explain why when I Port Forward the Real camera ports the Pings DO show up...But when I make up some bogus ports and Re-Direct them to the Real Ports the Pings DO NOT show up...BUT in either case accessing the wireless cameras over the Internet works PERFECT either way...Please explain further that your response explains what appears to me to be a security enhancement...Thanks a lot...
  RonWessels

    First, what exactly do you mean when you say that you "ping the IP/Ports"? When doing a "ping", there is no port specification.

    And actually, thinking about it some more, my explanation doesn't really make sense since the ping ICMP packet should not be forwarded in either case.

    Or are you talking about something other than the standard ICMP ping?
  joelinkup

    You simply probe ALL your 64,000+ ports if you want to or just your known open ones with ICMP Echo Requests to each port...When you use Port Forwarding alone the Open Ports for the Camera sends a response back and you get an OPEN PORT indication...When you use a Bogus Port and ReDirect it to a Real Camera Port and then do a probe then ALL the ports show Stealth when probing the Real Open ports or the Bogus Open ports...Stealth is Great as there is NO indication that a port is open to anyone...I have 12 cameras...4 each of 3 locations and all work GREAT all the time...I stumbled onto this Port Redirection thing and know HOW to do it...and I like the Stealth results...But I do not know the WHY of it all...I always need to know WHY as it may lead to another good thing...Thanks...
  RonWessels

    Ok, I see we have a nomenclature issue here.

    ICMP packets do not have the concept of "ports". That is introduced by the TCP and the UDP protocols. What a port probe does (typically) is attempt to open a TCP connection to the remote machine/port. If the TCP connection negotiations proceed, there's something there and the port is considered "Open". Strict adherence to the TCP protocol requires a "nobody listening at that port" reply if the machine exists but the port is not bound. This is known as "Closed". Most routers nowadays break the TCP protocol and simply discard the packets, giving the attacker no information that the machine is even there. This is known as "Stealth".

    In your port forwarding, did you forward both TCP and UDP packets? In your port redirection, did you redirect both TCP and UDP packets? Does your camera use a TCP virtual circuit or UDP datagrams?

    My guess is that you only redirected UDP packets, and that your camera only uses UDP packets to send the video.
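The Open/Closed/Stealth distinction described in the post above, as an added example that is not part of the original thread: a TCP connect check you can run from outside your network against the external ports your own router forwards or redirects. The function names, the timeout and the loopback demo are assumptions made for this illustration.

```python
import socket

def state_for(outcome):
    """Map the outcome of one TCP connect attempt to the thread's three terms."""
    if outcome is None:                              # handshake completed
        return "open"
    if isinstance(outcome, ConnectionRefusedError):  # RST: "nobody listening at that port"
        return "closed"
    if isinstance(outcome, socket.timeout):          # packets silently discarded
        return "stealth"
    raise outcome                                    # unreachable network, bad address, ...

def probe_tcp(host, port, timeout=2.0):
    """Attempt one TCP connection and classify the result."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return state_for(None)
    except OSError as exc:
        return state_for(exc)
    finally:
        sock.close()

def audit(host, ports, timeout=2.0):
    """Classify each TCP port the router is meant to expose on your own address."""
    return {port: probe_tcp(host, port, timeout) for port in ports}

def demo():
    # Constructed stand-ins on loopback: a listener plays the forwarded camera,
    # and a port that was bound and then released plays an unforwarded port.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    open_port = listener.getsockname()[1]
    try:
        return open_port, closed_port, audit("127.0.0.1", [open_port, closed_port])
    finally:
        listener.close()

if __name__ == "__main__":
    print(demo())
```

This covers TCP only; UDP has no handshake, so a connect attempt cannot classify a UDP-only rule the same way.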
  joelinkup

    OK...It seems we may be on the same page now...I am relatively new to all of this stuff...I have learned a LOT recently but my knowledge is still somewhat scattered at times...To answer your questions...I DO NOT USE the Port Forwarding Menu on the router at all...I DO USE ONLY the Port Redirection Menu...In my redirection I have the default set to BOTH for the TCP/UDP as I do not know which one my cameras use...Now back to my dilemma...As I have explained before when I use the Redirection Menu functions ONLY the probe shows Stealth when I probe either the Bogus Ports that are redirected or the Real Ports that they are redirected to...IF I use the Port Forward Menu ONLY instead (for testing purposes) with again BOTH TCP/UDP the probe shows Open...Either way all the cameras work all the time...This remains confusing to me as to why this Good Thing (Stealth, when using redirection only) happens AND the cameras continue to work...No Issues...Thanks for all your time...I appreciate it...Also, this is the first and only forum I have ever attended and yesterday I got a Private Message from someone called RyderChick a banned user it said...I was directed in that message to some kind of a book to review but I DID NOT follow the link...I am not familiar with this type of activity...Could you perhaps explain what all this is about also...Thanks again...

