I dont know why I am bothering to reply since you obviously lack the self awareness to see the gaps in logic of your own argument, but here goes.
firstly, you talk about “due respect”, but it was your lack of respect that prompted me to reply in the first place. security is generally not a right or wrong answer, its a risk position. your presumption in taking the intellectual high ground and making determinations on what is ‘right’ or ‘half right’ is the only dangerous assumption being made by anyone here.
me talking about the single example of using different port numbers in a forwarding rule assumes that one can make the connection between having multiple concurrent port forwards active on the same router. if you feel the need to specify that this can be done multiple times when I didnt call it out, then youre really dumbing down the conversation and assuming people are at a beginner level.
but at the same time, you seem to assume that everyone here knows the details of the RTSP protocol in that they know its unencrypted with plain text authentication, so all the sudden the audience you determined is people who dont know how to port forward between non-matching ports, yet know RTSP well enough to validate it’s level of security and put it on the open internet. you see where I am going here?
then you also assume that I am saying there should only be a different port and no authentication. the whole time I have been talking about hacking, and plain text passwords… so why would I suddenly be saying there should be no authentication on an unencrypted video stream with just an obscure port number as the only measure of security? its not hacking if you simply discover someones video stream, the “hack” implies needing to break into something, therefore having an existing authentication mechanism in place.
there are a lot of bored people out there. many people all over the world are stuck at home due to the COVID-19 pandemic (hint: I am one of the ones in COVID lockdown, which is why I have time to waste on you), and my snort server shows all manner of bizarre intrusion attempts. I also know for a fact that there are script kiddie apps for hacking RTSP streams that search networks and brute force the plain text passwords. what I am trying to say is that you can never be too careful, since RTSP is not considered a secure protocol. there is no misinformed or dangerous assertion there, its simple fact.
the only person here that “shouldnt be doing” something, is you giving people bad lessons in security. at the end of the day, I will be fine being overly cautious (if thats how you view it), whereas people that listen to your contradictory nonsense may end up with some real life problems as a result.