|
I had a cheap video camera that some people questioned it's connections to external IP addresses. I didn't verify this myself, but after I had loaded the companies beta firmware to add RSTP capabilities I put the thing on a separate VLAN all by itself and blocked everything with the firewall, except for one incoming connection, on one incoming port, from the one computer (on a different VLAN) that I wanted to observe the RTSP video stream from. So that camera could not initiate ANY outgoing connections to anything, and could not receive ANY incoming connections except from that one computer, on that one port, I had designated and opened the firewall hole for.
In this instance I didn't trust the camera 100% (based on unverified internet reports), so I just firewalled it into oblivion. It must have thought it was stranded on a deserted island somewhere. But that worked for my purposes. This camera was easy to put into a secure box. The typical smart device is a little tougher, but you usually can take a few steps to mitigate your concerns if you think that is warranted, and you're willing to do your research and put in a little work.
|