From DerbyCon 5.0, September 26th, 2015

1. Surveillance Using Spare Stuff
Matt Scheurer
(@c3rkah)
Slides: http://www.slideshare.net/cerkah

2. About me...

3. Disclaimer
The informational material presented is for
educational purposes only. The presenter is not
responsible for its use or misuse. No
warranties or guarantees implied or otherwise
are in effect. Use of these tools, techniques and
technologies are at your own risk!

4. Seek qualified legal advice...
● Consult an attorney
familiar with the laws
and ordinances in
your area before
conducting any
surveillance activity.

5. The journey begins…
● How it all got started
– Driven to find a use for my old smart phones
– Decided that IP cameras sounded like a fun project
– Low cost / low barrier to entry

6. Why conduct surveillance?
● Protect physical assets from threats
– Dumpster diving
– Theft
– Vandalism and destruction
● Protect physical barriers or perimeters from threats
– Lock picking
– Social engineering (infiltration)
– Trespassing

7. Components of an effective
surveillance system
● Centralized management
● Monitoring and detection
● Collecting video and/or audio
● Alerting
● Minimizing false alarms
● Archiving and retrieval

8. Spare or low cost equipment

9. Spare stuff item: Old smart phone
● Why old smart phones make
good IP cameras
– Pocket size computer
– Decent quality built-in
cameras
– Built in microphone
– Built in WiFi support
– Easy to power
– Often support extra storage
– Inconspicuous (can be hidden
in plain sight)

10. Spare stuff item: Old Router
● Many support open
source firmware such
as DD-WRT, Tomato,
etc.
● Lend themselves well
to network
segmentation.

11. Spare stuff item: Old Computer
● An old computer (or
VM) may be re-
purposed to run Linux
with ZoneMinder.
● May need beefier
system for monitoring
a large number of
cameras with
ZoneMinder.

12. Spare stuff item: Reflector Lamp
● Optionally used with
an IR light bulb to
flood a wide area with
IR light for night
vision cameras
● Caution: IR bulbs are
commonly sold as
heat lamps and often
run extremely hot!

13. Spare stuff items: Old tablets or IP
cameras
●
Typically more expensive options
– Occasionally listed at sales prices from deal or auction sites
●
Dedicated IP cams with built-in motion control and IR are a big plus
●
Integration efforts
– Combine any number of devices into an effective surveillance system

14. Night Vision Notes:
● All cameras are capable of night vision, but IR light alone will
not give a camera “night vision”
● Camera's may be disassembled to remove the IR filter to
capture or record images in darkness with IR
– Typically a darker red, blue, or purple colored film
● Caution: Removing an IR filter causes cameras to wash out
images with normal or bright lighting
– Workaround: Consider using two separate cameras in the same
area, one for normal lighting and one for darkness

15. Using smart phones as IP Cams
● Many free and low-cost apps are available in the
main app stores enabling your old smart phone to
function as a network IP camera
– Many of these apps support a wide variety of browsers or
various streaming protocols
– These provide a number of ways to monitor a small
number of IP cameras
● Free and low-cost apps are available which provide
simultaneous IP camera monitoring for multiple
cameras

16. Centralized management
● Highly recommend “ZoneMinder”
http://www.zoneminder.com/
ZoneMinder is a free video camera security application suite,
designed for low cost DIY video security including
commercial or home CCTV, theft prevention and child or
family member monitoring including nanny cam applications.
It supports capture, analysis, recording, and monitoring of
video data coming from cameras attached to a Linux system.
Motion detection, emailed alerts and remote viewing are also
supported.

17. What about audio?
● Unfortunately ZoneMinder does not yet support
audio recording, which is reportedly a feature
on their development road map.
● VLC player works well for most audio streams
– VLC player can output audio streams to WAV
format
● Advanced Preferences > Output modules > File
● Resulting WAV files can then be encoded to a
compressed audio format manually or through scripting

18. ZoneMinder Camera Functions
● None: Turns off all camera activity
● Monitor: Live streaming only mode
● Modect: For motion detected still snapshots
● Record: Live video recording mode
● Mocord: Motion detection triggered recording
● Nodect: External controlled triggers and actions
NOTE: These settings only impact the camera in
ZoneMinder

19. Configuring Alerting
● ZoneMinder Console > Options > Email
● Consider setting “Email Address” to a distribution group,
including relavent cell phone carriers text message
domains for added text alerting

20. The power of defined hot zones
● One of the keys to using
ZoneMinder successfully is
the concept of zones. Zones
are areas within an image
that you can define for the
purposes of motion
detection, or even ignoring
motion.
● Helps minimize false alarms

21. Archiving and retrieval
● Backup the following directories:
– /usr/share/zoneminder/events
– /usr/share/zoneminder/images
● Another option would be to synchronize those
folders with off-site cloud based storage

22. Good Practices
● Never put an IP camera directly on the internet
– Lest your own security cameras be used against you...
– Use VPN for remote camera monitoring
● Follow good network security practices
– Segment your IP cameras from the rest of your network
with appropriate access controls in place
● Change all default logins to use strong passwords
● Set unique SNMP strings from other systems and
network devices

23. Patches and Updates
● Keep all camera
firmware, phone
firmware, software,
and the ZoneMinder
host OS up-to-date
– ZoneMinder may
seem like an
appliance, but it runs
on top of a live system

24. Thank You's and Shout Outs!