Excellent article Brian - Thank you. Comprehensive overview and easy to understand :)
Network Ports for IP Video Surveillance Tutorial
Network ports are critical for remote video viewing and recording and without proper configuration, IP video will not work. Beyond that it is critical to understand how they relate to security.
In this tutorial, we examine:
- Why ports are used
- The format for ports
- How ports are assigned
- Well-Known ports for video surveillance
- Uncommon / manufacturer specific ports
- Risks of open ports
- Multiple port use for VMSes
- Using NMAP to scan ports
Why ***** *** ****
* ******** **** ********* **** * single ** ******* *** **** ***** communicate *** ********* ************ ** ********.
** *********** ****, ** ********* ******* multiple '*****', ** ** **,***. ***** (also ****** '*******') ****** ********** ******** for **** ** **** ** ****** in * *******, **** **** ******* to * ********, ** * ******** to * ******. ***** **** * computer **** *** ** *** *** data ** ********, ** **** *** data ******** ** * ***** **** can ** ******* ********* *** *******, or ****** *** ** ******** ** an ***** ****** *** *******, ** web ******* ** * ******* *** so **.
**** *** ***** ***** ** ***** available, *********** ******** ** ******* ******* are ******** *** ******** *** ** specific ************, *** **** ******* ****** up *** ******* ** * ********'* specific ************ ******* ***** **** ******* and ***** **** **** ***.
Port ******
*** *** ********** ***** *** ********* is * ********* ** *** ** address ******. *** *******, ** **** address **** ** ********** ** ****** a ***** *** **** ****** ** the ***, **** **** (**** ***** in ****):
***.***.*.***:***
**** *** ***** * *******, *** might ****** ***** ** ** **** needed *** **** ** **** ******* web ******** ****** **** *** ***. For *******, *** ** ******* **** IPVM.com ** **.**.***.*. ***** ** ****://**.***.***.** and *****://**.***.***.**:** **** **** *** ** the **** ********, ** ** **** that *** ******* ***** / ******* you **** **** ** **** *** type ** "****://"
How *** ***** ********?
**** ******* *** ******** ********* ** three ******, ***** ** *** ******* or *** ******** **** *** ** general ******* ************. *** ********* *****, from #* ** #**,*** *** ******** accordingly:
- ****** *****, **** ***** - ****: ****** ***** *** assigned ******** ********* **********. ***** *** ******** *** *******, well-known ****.
- **** *****, **** ******** - *****: **** ***** *** assigned ****************. ***** *** *** ******** ******** operation ***. **** ************ *** ******** platforms **** **** ************ ** **** group.
- ******* *****, **** ********* - *****: ******* ***** *** not ********. **** ***** ** *********** not ************* *** **** **** *** general ***, ***** *** ******* ** temporary *********** ****** * *******. **** is **** ************ ************* ***** *** for ***** *** ******** ************** ******* their *******/********* *** *******.
*** ***** *********** *** ********* **** functions, ******** ******** ******* ********* (****), ** **** ** *** **** oversight ***** **** ******* ** ******* allocations *** * ****** ** ***** 'root *****' ************** *** ** ****** internet *** ******* ***.
Well-Known *****
**** ** ***** ** ******* ***** being **** ** ************, *** **** generally **** *** **** ***** *** found ** *** '******' *****, *********:
- **** **: **** (********* ******** ********) for ******* ******** *** *** *******
- **** **: *** ******* *** **** transfer, ********* ***** *****
- **** **: ***, ** ****** ***** transfer *** **** ********** *** ****** portal ******
- **** **: ******, ** *********** **** communication, ** ***** **** *** '******* line *******' ** ******* *** **** servers.
- **** ***: ****** ****** *****, ** 'secured' **** *******.********** **** ** ****** ************.
- **** ***: **** (**** **** ********* ********) *** *****, **** ****** *** a ***-********* *** ***** *******
***** *** **** ****-***** *****, ****** most *** *** ******** ** ************ applications. *** * **** **** **'****-*****' ***** ****.
Uncommon / ************ ******** ***** *** ***** ************
*******, **** ************ ******* *** **** assignments **** *** ************ ******** *** their ***. **** ** ***** ************ include:
- **** ****: ***** ******** ******* ***** Recorders *** ********** ******* *******
- **** *****: *********** ***** ******
- **** *****/**: ***** ***** ********** ****
- **** *****: ******** *** ***** ******
- **** *****: **** ****** ********* ********
Port ******** ****
** **** *****, ************ ********* **** use '********' **** ** ******* ***** that **** ** ******** ** **** traffic ******* ******** ********* *** ***. If ***** **** *********** *** *** known *** ********, ***** ************ ******* will *** ****.
**** ******** ********* *** ******** ***** require ******** ******* *** ***** *** those ********** ******* *** ********** ***. In *******, **** ** '******* ****' a ******* ******** ******* *** ***** in ********* ********** ** ***** ** address *** ********* ****. **** ********* the **** ** ******* ******* ** other ******** **** ******* ******* **** a *******.
**** ***** ******** *********** *** ******* ***** **** **** on ******* **** *** *************.
Multiple **** *** ******
************ ******* ********* *** ******** ***** during *********. ******* * ****** ** a ******** ****** **** *** ** address, **** ****** ******** *** **** many ********* ***** ********** ** ******* data. ** *******, ******* ** *** requisite ***** ****** ** *** ************ system ** **** ** *** ******* configuration *******, **** ***** ********* ********** a **** ** ****** ***** **** this *** **** *******.
NMAP **** ******** *****
******* ************ ******* *** **** **** ports, ********** *** ***** ** **** those **** *** ****** ** * key ******* ******** ****.
********** ***** ****** ******* ******** ****** advantage ** ***** ****** ** ************ systems, ***** *********** ** **** ** **** **** ports **** ** ****** *** ***** ports *** ** ****** ** ******* off ******** ** ****** ******** **** UPnP, ******, *** ***. ***** ** provide * ********** ** ** **** scan.
*** **** ******* ** *** **** can ******** *** **** ******** **** port ******** *****, *** ***:******* ** ***********.
Does changing ports from default help with security? Such as changing 80 to 103.
Yes, if you are being scanned, many bots try only the well known ports to save time. You can use one in the thousands, as long as no other network traffic is using it.
Still don't get it. I need a picture I guess. If your coming in from the outside your ip address isnt going to be a 192.168.000.000 number. It will be a public number. So explain it from coming outside to a computer/ server inside with a vms on it.