1

I tried googling everywhere, but got no help with what I needed specifically.

Let's say I have several IP cameras on a local area network. This LAN will NOT be connected to the Internet. The IP cameras will stream to a central computer over the LAN, some being WiFi based, and some being Ethernet based.

I need to encrypt each individual stream of video from the camera to the router, and from the router to the central computer.

The reason for this is if someone happened to compromise the network password and happened to get in, there would be an extra layer of security, so that they will not be able to sniff the traffic and see the RTSP username and passwords which are displayed in plain text.

My questions are:

  • Can I tunnel RTSP through SSL on the LAN? If so, how?
  • Does the camera need to support SSL first?
  • Can I use WPA2-Enterprise, and if so, what about wired encryption?
  • How do I tunnel things through SSL?
  • Will I need a certificate?

Again, the streams will NOT be viewed over the Internet. The router will not even be connected to the Internet. There will be no WAN capability of this network.

Mohamad Michael Azzo
  • 11
  • 2
  • 1
    I'm going to hazard a guess that this is going to be specific to the equipment/software in use. This is probably a better question for SuperUser or ServerFault, but I'm not going to vote to migrate until there are more specifics. – Xander Mar 19 '19 at 20:56
  • 1
    It's going to depend on the camera, but for most cheap ones like I have you'd probably need to customize the firmware to get it to use TLS. Not really an answer, but the way I dealt with this was by avoiding wireless cameras and simply saying that someone hijacking an ethernet cable from a camera to enter the network is outside my threat model. – AndrolGenhald Mar 19 '19 at 21:08

0 Answers0