←back to thread

Power over Ethernet (PoE) basics and beyond

(www.edn.com)
257 points voxadam | 5 comments | 16 Oct 25 14:09 UTC | HN request time: 0s | source
Show context
skopje ◴[22 Oct 25 00:53 UTC] No.45663732[source]
PoE is awesome. My custom home security system is all CCTV PoE with a gstreamer backend running on four-core fanless linux box. Way to go. Complete control. No batteries, no wares spying on me, no personal data getting scraped by big guys. (Cloud connectivity sucks because I have segmented mp4s and jogging through them hurts but I only care for events after they happen, not while they happen.)
replies(6): >>45663770 #>>45664711 #>>45664915 #>>45665099 #>>45665193 #>>45667449 #
benhurmarcel ◴[22 Oct 25 11:21 UTC] No.45667449[source]
If one of those cameras is outside, did you consider the case of someone plugging in his laptop on that ethernet cable? He'd be on your local network.
replies(6): >>45667551 #>>45667567 #>>45667989 #>>45669412 #>>45671399 #>>45672136 #
1. tehlike ◴[22 Oct 25 14:07 UTC] No.45669412[source]
Vlan is the answer.
replies(1): >>45669481 #
2. beala ◴[22 Oct 25 14:13 UTC] No.45669481[source]
This is a pretty significant lift for most home networks, both in terms of cost and complexity, but I agree it’s the right way to go. If you’re upgrading to a PoE switch, you might as well go all the way and make it a managed switch.
replies(2): >>45670986 #>>45671789 #
3. thmsths ◴[22 Oct 25 15:50 UTC] No.45670986[source]
I would assume that putting a router between the POE switch and the rest of the network would work too and basic routers are cheap.
4. mmmlinux ◴[22 Oct 25 16:45 UTC] No.45671789[source]
When you get to the point of building out your own ip security camera system and then worrying that some hacker is going to roll up and plug in to one of your cameras. you probably already have vlans going.
replies(1): >>45682143 #
5. tehlike ◴[23 Oct 25 14:22 UTC] No.45682143{3}[source]
The more likely scenario is camera firmware being compromised and either allowing outbound or inbound connections, either of which can be prevented with a firewall+vlan