if it were stolen?

A place for discussion of topics that are not specific to ZoneMinder. This could include Linux, Video4Linux, CCTV cameras or any other topic.
Post Reply
ynn
Posts: 152
Joined: Fri Mar 17, 2006 2:30 am

if it were stolen?

Post by ynn »

I have a question, if my ZM server were stolen and then since he does not have any access to the ZM web page nor the linux login itself, is it possible that the thief take the hard disc out and then swap it to his server as slave secondary HD and then get all the events images out? can it be done?

thanks.
jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK

Post by jameswilson »

yep you must keep the machine secure, as a std install then images are stored and 'could' be retrived. Im sure you could encrypt it someway but if you have access to the machine its all defeatable
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk
User avatar
Lee Sharp
Posts: 1069
Joined: Sat Mar 31, 2007 9:18 pm
Location: Houston, TX

Post by Lee Sharp »

You could use an encrypted filesystem for /. This would require a password to boot, and would not be trivial to set up. You could just encrypt the filesystem mysql is on, but that means manually mounting and starting mysql and zoneminder. Again, less than simple...
jamescollings
Posts: 59
Joined: Wed Nov 22, 2006 11:26 am
Location: Bucks, UK

Re: if it were stolen?

Post by jamescollings »

ynn wrote:can it be done?
As others have said, it can be done. I must admit, though, that my main concern with the Zoneminder system being stolen, is that i would lose the images recorded of the thief! To this end, there is an FTP filter that will automatically FTP events "off site", so that they can be viewed even if the main system goes missing.

I am not too worried that the thief might be able to see the images... what sort of things are you recording on your cameras that you wouldn't want anyone else to see???? :oops: :oops: :oops: You haven't set up an IR camera in the bedroom perchance?
gr8bytehuntr
Posts: 6
Joined: Wed Mar 24, 2010 1:51 pm

Post by gr8bytehuntr »

I'm considering ZM for a security system and thought perhaps the events could be housed in an external USB drive, hidden or locked away from the server.
Is this a realistic expectation?
Which apps/processes/folders would need to be moved to the external drive?
Is mirroring simpler?
jamescollings
Posts: 59
Joined: Wed Nov 22, 2006 11:26 am
Location: Bucks, UK

Post by jamescollings »

Like I mentioned, there is an FTP filter that will save all your images off to a remote location (which could just be an external NAS attached to your network in another location).

Or alternatively, you could install Zoneminder onto an external USB connected disk... and house that disk in this puppy.
http://www.sentrysafe.com/products/prod ... aspx?s=278

The USB disk sits inside the safe but is still powered and accessible to the remote server. The Safe can be bolted to the floor or wall, so the thief has to be quite committed to take your hard disk with him!
User avatar
kingofkya
Posts: 1110
Joined: Mon Mar 26, 2007 6:07 am
Location: Las Vegas, Nevada

Post by kingofkya »

Also most theifs will boot up the pc looking for password and other stuff saved So this may be of interest also for prey to work you might also want to have a autologin user with minimal permission so they can go looking for password giving prey time to act.
http://preyproject.com/
Also small camera hiding behind a bay might be a nice idea too.


another simple idea is simple a cam above the pc that auto emails you. And attache the pc the the wall with a security lock.
Flasheart
Posts: 342
Joined: Thu Jul 06, 2006 2:27 pm

Post by Flasheart »

One caution about requiring a password for an encrypted fs - if you do this, ensure your system and power are 100% stable. No point having cctv at all if the zm box is waiting at boot with a password prompt...

I think most thieves, when confronted with a linux server that prompts for a user/login will just fence it or try and install windows on it. Chance of them having the knowledge and determination to get it up and running is pretty small as they wouldn't really know what it does (unless you wrote CCTV server all over the case) - unless it's an inside job ofc. (My experience may be influenced by the poor quality of the thieving element in our locality, ymmv.)

gr8bytehuntr - yes, a remote disk hidden either locally or very far away is a very workable solution. The only caveat is that you need to do your bandwidth calcs very carefully as speed is going to be an issue with I/O on a busy server.
User avatar
kingofkya
Posts: 1110
Joined: Mon Mar 26, 2007 6:07 am
Location: Las Vegas, Nevada

Post by kingofkya »

Another thought e-sata drive locked in a safe or simple a N.A.S.
gr8bytehuntr
Posts: 6
Joined: Wed Mar 24, 2010 1:51 pm

Post by gr8bytehuntr »

Thanks for the ideas. I'll have to hack around a bit to move ZM from my on-board drive to an outboard, USB drive. Then, even if the PC is stolen the hidden drive will retain the perp's ID.
sypheXsquare
Posts: 10
Joined: Sat Sep 23, 2017 5:05 am

Re: if it were stolen?

Post by sypheXsquare »

Use cloud storage. That way the thief would have to steal the entire cloud to take your footage.
AnotherBrian
Posts: 112
Joined: Tue Jul 27, 2010 6:36 am

Re: if it were stolen?

Post by AnotherBrian »

Using crypttab and fstab and a non-secure encryption key, the mounting of the encrypted drive can be fully automated. The thief would need to be more sophisticated to figure out what was going on to access the zoneminder data. If they boot up, they won't see it because they don't know the user logins and can't get access. If they mount it as a second drive, then it remains encrypted and they would have to figure out the fstab and cryptab stuff.

Keeping the non-secure encryption key on a different machine defeats the thieif's attempts to see the info. rc.local would be used to fetch the key (e.g.,, mount remote fs) and then mount the encrypted drive. fstab cannot be used to automate because fstab issues mount commands asynchronously at boot time. With fstab it cannot be assured that the remote file system is present before attempting to mount the encrypted drive. rc.local, on the otherhand, runs just before the run level changes such as run level 0 (booting) or 6 (rebooting) changing to multi or single user.
apolonio
Posts: 14
Joined: Thu May 17, 2018 10:09 pm

Re: if it were stolen?

Post by apolonio »

I have a filter simply email me images to a gmail or other web account. Needs regular cleanup though.

But the other stuff about passwords and your privacy etc. Yeah that still sucks and something needs to mitigate.
Post Reply