Post on 23-Feb-2016
description
transcript
HOME SECURITY WITH VPN’S AND IP CAMERAS
Ryne PurcellEastern Kentucky UniversityDepartment of TechnologyNET Program
2
OUTLINE
• Overview of topic• What is needed to create a VPN• IP Camera overview and configuration• Server overview and configuration• Client setup• Perimeter defense• Intended and actual outcome• Conclusion
3
PROBLEM STATEMENT
• Increasing number of high priced items in the home
• Need of a cheaper and effective security alternative
4
Assumptions
• Has a desktop with the ability to run a server platform (Hardware & Software).
• Has a fast enough internet connection.• Has control over both ends of connection
(Router and Firewall).• User has a Gmail account.
5
Overview of topic• Use a Point-to-Point Transfer Protocol (PPTP) VPN to
gain access to the internal network.• Gain access to server computer’s shared folder and
control IP camera.• Snapshots sent to e-mail taken by camera.• All done from outside apartment or home.
6
VPN and ip camera network diagram
INTERNET
Untangle ServerRouterDHCP
Active DirectoryDNS
File SharingRouting and Remote Access
Laptop/Client
FirewallRouter
Workplace Desktop
Workplace Laptop/Client
C
IP Camera Wired/Wireless
7
Parts list• Server
• MSI Mainboard (Micro-ATX) • 1TB Western Digital 3.5” Hard
Drive• Intel Core i5 Processor/4
Cores/3.30 GHz• 8GB DDR3 1333 DRAM (Crucial)• NVIDIA GeForce GT 430 1024MB
DDR3 Graphics• Rosewill PCI-Express Gigabit
Ethernet Card• Samsung 22” Widescreen LCD• 180 Day Free Trial Microsoft
Server 2008 R2• Partition Editor (Parted Magic)
• Free• IP Camera
• <$40• Perimeter Defense (Untangle)
• Free• Router (Netgear WGR614v10)
• <$40• Total cost roughly around
$1,200.
8
9
Perimeter defense• Untangle Perimeter Defense Server• Runs on limited resources
• 80 GB Hard Drive• 1 GHz processer• 512 MB RAM (Minimum – not preferred)
• Very powerful plug and play firewall• Easy rack snap-ins range from anti-virus and malware to
generated reports.
10
Ip camera overview and configuration
• Install software for initial setup.• Power up and connect with an Ethernet cable to
the network.• Set a static IP for the Camera inside the router’s
DHCP scope range.• Log in and create a username and password.• Set up preferred settings (Motion Detection,
snapshot on detection, record on detection, alarm, etc.).
• Set up SMTP e-mail settings with Google’s Gmail.
11
12
13
Server overview and configuration
• Install Microsoft Server 2008 R2 onto second partition for a dual boot option.
• Once installed apply protection with anti-virus and firewall.
• Set a Static IP address on the External NIC.• Good idea to install Windows Server Backup under the
Features snap-in.
14
Server overview and configuration (Continued)
• Install and configure the required roles for PPTP VPN• Active Directory Domain Services• DNS• File Services
• Create shared file to access snapshots and recordings.• Network Policy and Access Services
• Make sure to configure Routing and Remote Access Services inside of NPAS role.
• Web Server (IIS)
15
Client Setup
• On your client laptop or desktop go into Network and Sharing Center and set up a new connection or network.
• Select “connect to a workplace” and then select “use my Internet connection (VPN).
• Next enter the Internet address of your network.• This will typically be the WLAN address given to your
router from you ISP.• Then enter your user name and password in which you
have created on your server inside the Active Directory. Connect!
16
17
18
Intended and actual outcome• Intended OutcomeUse SSTP VPN to gain access to internal server’s shared folder and control IP Camera. Have camera save recordings and snapshots to shared folder on server. Use Google’s SMTP server to send camera’s snapshots to e-mail on Yahoo account.
19
Intended and actual outcome (continued)
• Actual OutcomeEverything in the intended outcome with the exception of the SSTP VPN. PPTP VPN was used here because of simplicity and the fact that the certificates for the SSTP VPN were not working properly. Everything else went as planned.
20
conclusion• Gained tons of information on Windows Servers, not just
Server 2008 R2• Learned a lot about Virtual Private Networks, specifically
PPTP and SSTP, and the pros and cons of each as well as how to set them up
• Learned you can use Google’s SMTP Server as a man in the middle.
21
References• Combs, K. (Performer) (n.d.). Technet webcast: 24 hours of windows
server 2008. Technet Webcast. [Video podcast]. Retrieved from https://msevents.microsoft.com/CUI/WebCastRegistrationConfirmation.aspx?culture=en-US&RegistrationID=1310844671&Validate=false
• Configure and use your windows 7 remote access. (2011, January 16). Brickhouse Labs. [Video podcast]. Retrieved from http://www.youtube.com/watch?v=CL8NuI9C01M
• Ryan, G. (Performer), & Snow, J. (Performer) (2009, June 4). New backup features in windows server 2008 r2. TechNet Edge. [Video podcast]. Retrieved from http://technet.microsoft.com/en-us/edge/Video/ff710824
22
References (Continued)• Waggoner, R. (Performer) (2009, March 26). Dual boot
between windows xp and windows 7. TechNet Edge. [Video podcast]. Retrieved from http://technet.microsoft.com/en-us/edge/Video/ff710733
• Hester, M., & Henley, C. (2010). Windows server 2008 r2 administration. (pp. 420-455). Indianapolis, IN: Wiley Publishing, Inc.
• Untangle server user's guide. (n.d.). Retrieved March 22, 2012 from: http://wiki.untangle.com/index.php/Untangle_Server_User's_Guide
23
References (Continued)• Technet. (2007, Dec 08). Retrieved from http://
technet.microsoft.com/en-us/library/cc731352.aspx
• Technet. (2005, Apr 15). Retrieved from http://technet.microsoft.com/en-us/library/cc758271%28v=WS.10%29.aspx
• Shinder, T. (2008, Januar 30). Windowssecurity.com. Retrieved from http://www.windowsecurity.com/articles/configuring-windows-server-2008-remote-access-ssl-vpn-server-part1.html
24
References (Continued)• Shinder, T. (2008, Januar 30). Windowssecurity.com. Retrieved
from http://www.windowsecurity.com/articles/configuring-windows-server-2008-remote-access-ssl-vpn-server-part2.html
• Shinder, T. (2008, Januar 30). Windowssecurity.com. Retrieved from http://www.windowsecurity.com/articles/configuring-windows-server-2008-remote-access-ssl-vpn-server-part3.html
• Long, P. (2009, October 11). Set up remote access pptp vpn's in server 2008 . Retrieved from http://www.petenetlive.com/KB/Article/0000103.htm
• Untangle image retrieved from: http://www.thebuzzmedia.com/untangle-offers-vpn-snort-firewall-and-much-more/
25
References (Continued)• Garcia, P. (2010, September 28). Remote access your home
computer - setup a vpn with dd-wrt. Retrieved from http://geekyprojects.com/vpn/remote-access-your-home-computer-setup-a-vpn-with-dd-wrt/
• Shinder, D., & Shinder, T. (2005, September 1). Ten things you should know about troubleshooting vpn connections. Retrieved from http://www.techrepublic.com/article/ten-things-you-should-know-about-troubleshooting-vpn-connections/5845666
• Trapani, G. (2005, July 05). Lifehacker.com. Retrieved from http://lifehacker.com/111166/how-to-use-gmail-as-your-smtp-server
26
Acknowledgements• Professor Vigyan Chandra: Leading the way.• Professor Jeff Kilgore: Knowledgeable input and the use of a standalone PC for Untangled perimeter defense server.
• Stephen Riddle and Zach Craig: Peer advising and insight.
• For all those people who posted in the Technet and Windows forums that helped me through this project.