I am wondering if anyone has had some experience with understanding devices and their security for P2P.
I bought a couple of Reolink IP cameras, RLC-420-5MP and RLC-410-5MP. I use their software like an NVR and it is pretty good. I never opened ports for these devices through my firewall, and one day, outside my network on plain internet, I opened their app and the cameras synced up and started streaming. So that's cool, but then I needed to understand how that's working.
I then fell into this article: "smart devices exposed".
I do nmap and I can see several ports are open besides 80/443 and 554 for RTSP on these cams:
80/tcp open http
443/tcp open https
554/tcp open rtsp
1935/tcp open rtmp
6001/tcp open X11:1
8000/tcp open http-alt
9000/tcp open cslistener
The article explained that you could block port 32100, but it isn't even open on these, and I know any company can just use whatever ports they want on these devices.
How does this work? The camera sends requests, and if there is a handshake the server can do an exchange with the camera? Because from my knowledge requests on ports can't just be incoming if I haven't set up NAT for it, right? I do torrents so I understand a little about P2P, but what I don't get is how data is sent back if the router doesn't acknowledge this request to route to the camera.
I thought maybe they just have DDNS inside the cams and their app can pick this up through port 80 to do exchanges, but I can think all I want; I'd rather really understand how this technology is working and how I can protect myself from anyone trying to get in or do man-in-the-middle.