Managing a Ring Doorbell

Follow
Avatar
Anil Rhemtulla

I keep getting alarms from my Ring Doorbell as it uploads data to various IPs. I figure there must be many of you out there with the same issue - how are you handling it?

Ideally, it would be nice if Amazon/Ring provided the IP range of their servers that expect the uploads. Since that's not the case, I guess I'd like to allow a range of IPs 13.52.* (it looks like there are a few more IPs in addition to that range). Is that the best way to do this - wait for range support?

My thought is that although I hope hackers never get into my system some of that is outside of my control. If I can nail down the expected outbound traffic it should help with an early warning system that something is wrong.

How have you guys configures your outbound traffic for devices with consistent behavior? e.g. Ring, Cameras with cloud recording, etc.?

Thanks,

Anil

 

0

Comments

4 comments

Sort by Date Votes
  • Avatar
    Hatadds

    I realize that this was posted two weeks ago, but I thought I would reply.

     

    I have a mishmash of cameras that upload to the cloud, Arlo, D-Link, Ring(s).

    I have never had an issue with the Ring or Arlo camera uploads. I have done zero configuration changes.

    The database that Firewalla is using seems to recognize these addresses as "friendly" 

     

    The D-Link cameras however a different story. All sorts of alarms and open ports. I heed Firewalla's warning block the ports and the various sites that are "attacking" the camera's. This has not affected the functionality of those cameras. 

     

    0
    Permalink
  • Avatar
    Anil Rhemtulla

    Thanks @Hatadds that's so interesting. I hope someone from the Firewalla team can chime in here to explain if Ring uploads are automatically seen as friendly by Firewalla. 

    0
    Permalink
  • Avatar
    Firewalla

    Anil, the identification process is a bit more involved.  So it is hard to say.  We are in fact working on a few things that may make the upload's alarm a bit more manageable.  But that may require some time, as we need to sample the hash data we get to build a bunch of signatures.  And hopefully, the enhancements will automate some of the 'alarms'.  

    The open ports are a different type of alarms.   They are more of informational + something need to be done alarm.

    The attacks are different things as well, they are likely due to above, something on the internet is trying to break through into your camera ...   

    0
    Permalink
  • Avatar
    Hatadds

    It's interesting to monitor these attacks on my D-Link cams. The attacks were flagged and blocked by Firewalla. They are coming from Asia (China,Vietnam), Bulgaria, Russia, other parts of Eastern Europe.

    0
    Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post
Powered by Zendesk