Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / Security / November 2007

Tip: Looking for answers? Try searching our database.

Possible to restrict IP address access using ACLs?

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
StevenVibert@hotmail.com - 26 Oct 2007 13:56 GMT
I'm in the process of writing a WinForms application that will allow
viewing MJpeg streams from 30+ ip cameras located throughout our
facility.  None of the cameras will be accessable via the internet.

Each camera has password protected access for up to 5 users.  Some of
these camera are located in sensitive areas and I need to allow/deny
access to the camera based on AD group membership.

At present, I'm using System.DirectoryServices to get the user's group
membership and based on that membership allowing or denying access to
the camera.  While this works, it forces me to hard code the camera's
password in the application and it doesn't solve the problem of a user
being able to enter the camera's ip address in a browser and being
presented with a camera log in screen.  The latter is less of an issue
as it's unlikely that the user would be able to guess the camera's
username and password.  However, I'd much prefer to make the camer'a
invisible to users that don't/shouldn't have access to these cameras.

Is there any way to limit access to specific ip addresses based on a
user's AD group membership?  If not, does anyone have any suggestions?

Thanks -- Steve
Reply to this Message
Henning Krause [MVP - Exchange] - 27 Oct 2007 18:46 GMT
Hello,

I think this is more an infrastructure question.

I would suggest putting the cameras in a different subnet (or vlan) and
protected this subnet with a firewall. Microsoft ISA Server can allow/deny
traffic based on Windows group membership.

Kind regards,
Henning Krause

> I'm in the process of writing a WinForms application that will allow
> viewing MJpeg streams from 30+ ip cameras located throughout our
[quoted text clipped - 18 lines]
>
> Thanks -- Steve
Reply to this Message
StevenVibert@hotmail.com - 01 Nov 2007 22:13 GMT
Henning,

Thanks for the suggestion--I'll have a look at what setting up ISA
Server entails.  This would certainly be the cleanest approach.

-- Steve

On Oct 27, 1:46 pm, "Henning Krause [MVP - Exchange]"
<newsgroups_rem...@this.infinitec.de> wrote:
> Hello,
>
[quoted text clipped - 35 lines]
>
> - Show quoted text -
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.