Ok so you’ve got the scripts from part 1 and you’ve found your special url from part 2. Now it’s time to bring it all together and actually make it work!
You’ll need some sort of linux pc like a raspberry pi or similar, perhaps even a pi zero, or even just a regular linux pc. I’ve got the live monitoring part running on a Raspberry pi 2 and the logging part running on another random linux pc. It doesn’t really make much difference. The stuff we’re doing here is pretty basic and universal so you should be pretty much good to go regardless of the platform.
In this part of the guide we’re going to try and figure out that special url you need in order to pull the images directly off the CCD of your IP cam, which is what you need in order to make the scripts from the previous part of the guide work properly.
I’m going to assume zero prior knowledge so am going to try and explain everything as we go along.
For this exercise this is the camera I’ll be using. It’s just a standard cheapo Wanscam one off ebay. It’s not the IP camera I actually use for our CCTV system but it works the same so will illustrate just how similarly they all work:
This post is the first part of a series which shows how to turn your IP-cam and raspberry pi (or other embedded linux machine. pc etc) into a pretty decent and *reliable* security system which logs images, auto archives old images and cleans up after itself.
It’s free, and all you need is a text editor and a bit of time to figure out the particulars for your system. I’ve done the hard bit which is working out the process and writing the bash scripts to actually do the hard work.
I am seeing this sort of activity every day and the scale has gone bonkers recently. One of my sites was seeing an attack with several thousand intrusion attempts per hour, but each from unique IPs. Each IP was only used once or twice at most. I had to turn off the blacklist email notifications from our bot filter so that I didn’t go through my monthly sending quota in a matter of hours.
Thankfully we’re still standing because it was relatively easy to make adjustments to our bot filtering system but still. yikes.
I realise this isn’t exactly news (given the date of the article) but this fight has been ongoing for a while now. Recently things seem to have escalated though as both defensive and offensive sides have been upping their game. WordPress security is now something you actually need to have a plan for or prepared to become a casualty. Not if but when.
WordPress is great in so many ways, but its popularity makes it attractive as a botnet platform, as well as the bandwidth from the nice always-on servers vs compromised pcs, which tend to get switched off and have crappy upload speeds.
It’s so easy to get going with wordpress (by design) that it ensures the “botherders” have an almost endless source of potential zombies by way of folks who haven’t yet figured out that wordpress security is actually a thing.
Krebs’ was apparently taken down recently by a DDOS from IoT devices so imagine what you could do with a network of wordpress sites…
If you run a wordpress site and don’t run somesort of defences, the chances are you’re probably not monitoring login notifications either which means that you’re not seeing the potentially thousands of intrusion attempts on your site that are happening all the time and at best occupying your server by making it load the page thousands of times for someone who’s trying to harm you.
So basically you won’t even know that anything’s going on until it’s already happened.
Welcome to Plus8 web development. This site rebuild is long overdue but till recently the old site was based on drupal 6 which is no longer supported and had to be pulled since it was a security risk.
My client’ sites are still my priority so progress here is likely to be somewhat slow but hopefully there will be some 🙂
Much of my client work is confidential so there won’t be much by way of examples but there is likely to be some ranting about adwords, split-testing, marketing, wordpress, random coding projects, security and of course bots.