Not directly Home Assistant related yet but this is the first step.
I am looking to install a Reolink POE doorbell and having very little network knowledge was unsure if there is a security risk having an ethernet cable running into the back of the doorbell. If someone were to remove the doorbell they would have access to the ethernet cable, could they then access devices and data on my network? Should there be any security steps I should take when installing security via ethernet outside?
For further information I have not decided yet if i’m using an nvr or a nas to record the video, I know i want it to be local and avoid the cloud, and I will certainly be running it through Home Assistant and want to receive the usual notifications and possibly run a few automations based on doorbell ring or presence detection.
Best practice would be not expose your network to the “outside” without taking extra measurements like encryption and authentication. While this is the “default” for WPAx WIFI’s the ordinary ethernet is missing this.
Ether only provide power (the P in PoE) over the cable and use wifi for coms or implement at least some authentication if you prefer the wires. You also wanna make sure that the ethernet is not (too) easy accessible - maybe by using some security screws or so
I just find video doorbells only require a paperclip to remove from the mount so the screws are largely irrelevant. I’m probably being overly cautious as someone plugging in a laptop outside my house to the ethernet would be quite obvious
I was going to avoid WiFi because whilst I have a strong WIFI connection I’m certain some delivery companies have used WiFi blockers in the past as some events doesn’t get recorded correctly.
I have a Unifi Poe switch, so I have created a mac address filter on the port that goes to the camera. That way the link only works with that one mac address… if someone was to plug in another device it would not work.
Well, that is some protection, but bear in mind that mac of network card can be easily changed in laptop…
Regarding tamper switch: if unit doesn’t have it you can add any microswitch, it will also do it’s job.