Moderator edit: For the safety of our community members, this post was edited to remove personally identifiable information.
I monitor network security for a living and noticed Nestcam's are using an outdated version of TLS (SSLv2) encryption that is prone to eavesdropping as it talks to Google servers across the internet (in my case communicating with ###.###.###.###). Is it possible you'll fix?
Here's my IDS rule that all my NESTCAMS trigger on (including my newer ones)
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY SSLv2 Used in Session"; flow:established,to_server; ssl_version:sslv2; reference:url,github.com/nsacyber/Mitigating-Obsolete-TLS; classtype:misc-activity; sid:4015119; rev:1; metadata:created_at 2021_01_06, former_category POLICY, updated_at 2022_05_03;)
Encryption protocols, such as Transport Layer Security (TLS) and Secure Sockets Layer (SSL), provide data protection as it travels through a network. However, older versions of these protocols become obsolete as technology changes and vulnerabilities surface. Network connections employing obsolete encryption protocols are at an elevated risk of exploitation and decryption. As a result, all systems should detect and remediate the use of deprecated forms of encryption for TLS and SSL protocols.
