THG 3000 Lite / Lack of VPN?

Br04dB4ndAl
4: Newbie

Hi,

I just received my new THG 3000 Router following an upgrade but noticed on the order paperwork it's designated "Lite".

 

Does this mean there are versions and I've received the cheaper one?

Also, why is it run by Vodafone Firmware? I understood this was supposed to be a highly capable top of the line Router yet it doesn't even have a built in VPN - essential for security cameras to avoid being hacked (the alternative is to port forward which = free hacking for everyone on your network and botted cameras).

Given the prevalence of CCTV cameras these days in people's homes, you'd have thought that Vodafone would have included a VPN facility in their router (I'm guessing the parent router it's based on has one), unless of course there is a non "Lite" version and I got the crappy one.


I don't have any Sky boxes connected.

I have my PC and a Samsung TV connected via LAN. Neither are Gb LAN compatible to my knowledge as the PC is over 10 years old and the Samsung TV over 5, but one is reported as connected @ 1gbs and the other at 100mbs, which is strange.

This is the rear of the router:

Rear of Router.jpg


Cynric
16: Advanced member

@Br04dB4ndAl With regard to the photo of the router. The yellow ports are 1Gbps. In the lower-right corner of the photo there appears to be a bundle of cables tied up. Is this the line that you are saying is only at 100Mbps? If so, undo the tie and straighten out the cable. There's a good chance that the cable bundled up like that is the problem.

Jayach
16: Advanced member

@Br04dB4ndAl wrote:

I don't have any Sky boxes connected.

I have my PC and a Samsung TV connected via LAN. Neither are Gb LAN compatible to my knowledge as the PC is over 10 years old and the Samsung TV over 5, but one is reported as connected @ 1gbs and the other at 100mbs, which is strange.

This is the rear of the router:

Rear of Router.jpg



One of the devices is running at 100. Swap the 2 black wires around and I bet the 100/1000 ports will swap.

Unplug one and see which device disappears from the network and which port turns off. You will then know which device is running at 1000. My bet is the TV.

Jayach
16: Advanced member

As @gipjon says all network ports on the THG3000 are Gigabit, however they report the speed they are connected at, which will be what they negotiated with the connected device.

I will say I'm sure more routers without a VPN are sold than those with, and that includes some high end routers.

I doubt any of the major ISPs provide a router with VPN as standard. (I must admit I haven't actually checked)

Vodafone will provide you with a username and password if you want to use your own router.

 

@Jaytech, I haven't looked recently. 

However, as pointed out above, a large number of users, growing daily, now require a VPN as in the UK at least, the number of users with Home CCTV systems is now massive.

The Youtube links I shared above show the dangers of port forwarding.

It's not in Vodafone's interest to have many of its users' systems hacked or turned into DDoS Bot Networks which is the inevitable result of not having a built in VPN.

Cynric
16: Advanced member

I think that the economics of supplying a VPN client enabled modem router with a domestic ISP contract are not achievable. The device cost is likely to be a major proportion of the payments received for the broadband service.

I feel that it is also worth noting that many of the manufacturers of home automation devices, including CCTV, have the poorest security implementation and this is why they can be broken into. If the modem router was so insecure then all the other devices that you may choose to attach would also be at risk. The route into your LAN is actually the rubbish CCTV software rather than the absence of a VPN.

gipjon
16: Advanced member

I have a nice CCTV system and I think it also has VPN software built in. But saying that, I have not even set a password or anything, so anyone can log on and view. I don't see the point in making it secure. Not as if the local thugs are going to try and hack a camera. Most don't have the brain power and I don't live in a million pound mansion.

The other thing is, if my router was VPN then every device like the Sky box, Xbox would be running through the VPN which would be very slow and would cause buffering all the time.


@Cynric wrote:

I think that the economics of supplying a VPN client enabled modem router with a domestic ISP contract are not achievable. The device cost is likely to be a major proportion of the payments received for the broadband service.

I feel that it is also worth noting that many of the manufacturers of home automation devices, including CCTV, have the poorest security implementation and this is why they can be broken into. If the modem router was so insecure then all the other devices that you may choose to attach would also be at risk. The route into your LAN is actually the rubbish CCTV software rather than the absence of a VPN.


The cameras themselves should always be blocked from internet access. The CCTV or DVR however, requires a VPN for secure remote access. Port forwarding should NEVER be used.



gipjon
16: Advanced member

Why should the cameras be blocked? I don't see the issue if someone can see your footage.


@Cynric wrote:

I think that the economics of supplying a VPN client enabled modem router with a domestic ISP contract are not achievable. The device cost is likely to be a major proportion of the payments received for the broadband service.

I feel that it is also worth noting that many of the manufacturers of home automation devices, including CCTV, have the poorest security implementation and this is why they can be broken into. If the modem router was so insecure then all the other devices that you may choose to attach would also be at risk. The route into your LAN is actually the rubbish CCTV software rather than the absence of a VPN.


Cynic I do appreciate your reply so don't take this personally, but you're wrong. It's nothing about the security implementation it's about the user implementation. No device can be made 100% secure and many are inherently unsecure as sold. When you port forward you advertise to the whole internet that you have X device on the internet and it's looking for a connection.

Your CCTV camera will literally be sat on the internet in plain view saying e.g. "Swann CCTV Camera, IP Address: XXXXXXXX, Location: Florida". Google Maps will open a location narrowing it down to your neighbourhood street, maybe even your exact house, and the CCTV camera will literally be saying "I'm here, connect to me". OK, not all in quite those words but I'm here to make the point.

The problem you don't understand is hackers don't use Google to find devices, they use OSINT Tools and typically Shodan (well known, not giving any secrets away here). Unlike Google, this returns all search results rather than hiding most like the commercial browsers' search engines do. If you look at the Video above from the Black Hat Conference you can see it in action. You could literally search for CCTV Camera in Florida using the right terms and it will present you the location and IP address of every port forwarded CCTV in Florida along with its type and location. In that example they were able to find a radar dome on a super yacht, identify it was in a bay in Florida and then hack into it. It's that simple if you know what you're doing. Port forwarding literally advertises to the world, I'm here connect to me, this is my location, device type and IP. When Port Forwarded it will accept a connection.

The only safe way to remotely connect to cameras is via a VPN tunnel. This runs via software included in most routers that sets up a Virtual Private Network between your Router and an external device, typically your mobile phone. The difference here is your network remains undiscoverable on the internet and all transmissions between your router and mobile are encrypted, authenticated and remain private.

That's why it's important to use a VPN. PF'ing exposes your entire network (not just your CCTV) to the world and invites connections. A VPN keeps it hidden and safe.

If you're still unconvinced, in a single hack recently, over 150,000 CCTV cameras were compromised simultaneously:

https://www.bbc.co.uk/news/technology-56342525

There are millions compromised at any one time and compromises can take several forms:

1. watching the content from your family life and possibly blackmailing you or posting it online,

2. bricking your camera - very common one - altering the firmware so the camera won't boot or operate and becomes unrecoverable junk costing you £xxx to replace it

3. DDoS - installing software backdoors to both allow access and run botting software in addition to the firmware allowing the hacker to use your camera in a Denial of Service Attack against major company websites / servers. Not only is the latter a big issue, but it might end up with the FBI or national crime agency (UK) knocking at your door and arresting you for questioning as to why your network has been used to attack <insert name of company or Government Agency>.

That's why a VPN is important and in this day and age with CCTV cameras flying off the shelves, whether it's cheap home brands such as Ring etc or high end cameras such as Hik or Dahua, it's irresponsible and failing users to not have VPN software installed - there are over 5.2 million CCTV cameras in the UK alone, and the numbers are climbing rapidly.

Out of those, only 4% are owned by local authorities etc and the rest by home owners:

http://hrnews.co.uk/number-of-cctv-cameras-in-the-uk-reaches-5-2-million/
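
The three rules argued for in this thread (no port forwards to cameras or the DVR, cameras blocked from internet access, DVR reachable only from the LAN or over the VPN) can be checked mechanically against a router's settings. The following is an added example, not part of any post above; the device inventory, rule lists, address ranges and the `audit` function are all constructed for illustration and do not reflect the THG 3000's actual configuration format.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Forward:
    wan_port: int
    proto: str
    lan_ip: str

# Constructed sample data for a hypothetical home LAN (not from the thread).
DEVICES = {"192.168.1.20": "camera", "192.168.1.21": "camera",
           "192.168.1.30": "dvr", "192.168.1.50": "pc"}
FORWARDS = [
    Forward(8000, "tcp", "192.168.1.30"),   # DVR web port forwarded
    Forward(554, "tcp", "192.168.1.20"),    # camera stream forwarded
    Forward(51820, "udp", "192.168.1.1"),   # VPN listener on the router (assumed)
]
WAN_BLOCKED = {"192.168.1.20"}               # hosts denied internet access
DVR_SOURCES = ["10.8.0.0/24", "0.0.0.0/0"]   # ranges allowed to reach the DVR
TRUSTED = ["192.168.1.0/24", "10.8.0.0/24"]  # LAN and VPN tunnel ranges (assumed)

def audit(devices, forwards, wan_blocked, dvr_sources, trusted):
    """Return sorted findings that break the three rules stated in the thread."""
    findings = []
    # Rule 1: no port forward may point at a camera or the DVR.
    for f in forwards:
        role = devices.get(f.lan_ip)
        if role in ("camera", "dvr"):
            findings.append(
                f"port-forward {f.wan_port}/{f.proto} exposes {role} {f.lan_ip}")
    # Rule 2: every camera must be blocked from internet access.
    for ip, role in devices.items():
        if role == "camera" and ip not in wan_blocked:
            findings.append(f"camera {ip} is not blocked from internet access")
    # Rule 3: the DVR may only be reached from the LAN or the VPN range.
    trusted_nets = [ipaddress.ip_network(t) for t in trusted]
    for src in dvr_sources:
        net = ipaddress.ip_network(src)
        if not any(net.subnet_of(t) for t in trusted_nets):
            findings.append(f"dvr reachable from {src}, outside LAN/VPN ranges")
    return sorted(findings)

if __name__ == "__main__":
    for line in audit(DEVICES, FORWARDS, WAN_BLOCKED, DVR_SOURCES, TRUSTED):
        print(line)
```

The forward to the router's own VPN listener is not flagged, because it terminates on the router rather than on a camera or the DVR.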