If you have encoders or IP cameras that are recording in true iSCSI or edge format, chances are they are recording in a block format within a .DAT file structure. This means there are no true video files to browse or view, and the files cannot be accessed or played without the corresponding indexing files. Also, video iSCSI targets are viewed as LUNs, not network shares, and in most cases, the IQN of the encoders or management systems needs to be added to the privilege list on the iSCSI target to access any of its LUNs. In some scenarios, video can span across multiple LUNs and iSCSI targets, making it even more difficult to access.
Intercepting Live Video
To intercept and watch live video as it is traveling across your network, I need to have completed all three phases of penetration. I also need to know which vendor you are using to determine which ports you are transmitting on as well as how to decode your video. If you are in a true “edge” scenario, I have to wait until the video is requested by a licensed client, as well as know which IP address to monitor.
Now, the question arises about video encryption, which is written into some specifications. Most vendors offer encryption, but once implemented, the customer complains about video quality. I have yet to see encrypted video retain its original resolution and quality after being decrypted. If your video is encrypted and I really want it, I will just hack your viewing station and get the encryption key from your video software.
How Secure is your Video System?
So, I hacked and found one of your encoders. What am I going to do with your hours of video? If I were to spend that much time and effort hacking into your system, I would be better served going after valuable data, not video.
So what are the true risks to your video? In most cases it is internal employees. The following is a short list of issues when video is not secured properly:
• Incident video ends up on YouTube within 24 hours
• Incident video is deleted, intentionally or accidentally
• Cameras are diverted from incident area
• Recording is turned off intentionally
• Storage platforms were formatted by untrained technicians
When choosing a video provider, you want a system that will allow you to implement granular permissions to users and groups for tasks such as exporting, deleting, protecting, and unprotecting video. You want a system that will log activities of all users, including administrators. And, you want to make sure the installing technician has actually been trained on the system.
About the Author: David Brent is a technical information engineer for IT systems at Bosch Security Systems, Inc. He has extensive knowledge of video surveillance systems and holds a number of IT and networking certifications. He can be reached at firstname.lastname@example.org.
DNS: Domain Name System
TCP: Transmission Control Protocol
SQL: Structured Query Language
ICMP: Internet Control Message Protocol
SCSI: Small Computer System Interface
iSCSI: Internet Small Computer System Interface
LUNs: Logical Unit Numbers
IQN: iSCSI Qualified Name