How to investigate a suspicious camera
Hi,
I recently bought a hidden camera (for indoors home monitoring), and I got suspicious of its behavior data wise.
It is obviously chinese. It is set up like this. First you download and install an app called Lookcam onto your phone. You power the device up by connecting it to the mains, then it acts as an AP and you can connect to its own network using your cell phone. Then you open the Lookcam app and it lists the available wifi networks. So proceed by entering the password and connecting to your home wifi network. From there on, the camera disables its AP and you can no longer see its own network. You can now see the recorded videos (it records to an SD card) and the live stream from the app.
Since it only records to the SD while connected to the wifi, I had a hunch that it could be sending unauthorized data to unauthorized parties.
How can I check its activity?
I am new to this, and this is what I 've done so far.
- Got the device MAC address from my router admin.
- Recorded about 15 minutes of activity.
- Filtered the device's MAC address using the command: eth.src==MAC.
- Statistics -> Conversations.
There were 64kb from the device to my router over this time span, and 0 byte from my router to the device. The majority of the communication was UDP.
I did not go any further. Can you instruct me how can I reliably check if it is or isn't sending my data somewhere?