Re: Using a Stand-Alone Network Printer as a network attack entry point?

From: Security News (sec-news@xsec.net)
Date: Fri Aug 16 2002 - 13:26:27 EDT

• Next message: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
• Previous message: Fabrizio Siciliano: "RE: Digital UNIX 5.60 recourses"
• In reply to: Nick Jacobsen: "Using a Stand-Alone Network Printer as a network attack entry point?"
• Next in thread: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

As for really modifying the ROM , it seems possible but also seems like a
LOT of work for something that might not even allow you to connect thru the
firewall.

My first question is Do you have physical access to start with? And if so
why not drop in a small hub/proxy based hardware device (or even 802.11
which works quite nicely).

If you were able to drop a *NIX based smallbox in place behind the printer
you could actually use some of the current firewall tunneling software like
fwtun without any further configuration and end up with a real box you
could launch the attack from.

What about modifying a small ARM based processor board to have 2 NIC's and
act as a tiny pass-thru that could be placed behind the device? This
device could be the size of a pack of cards and would allow you to connect
to an ARM Linux OS.

At 09:20 PM 8/15/2002 -0700, Nick Jacobsen wrote:
>Hi all...
> I came up with an idea, one that I've never heard discussed, of possibly
>modifying a stand-alone network printer (like most of the high-end office
>printers, hereafter referred to as a "SNP") to act as a full point to point
>proxy, or at least a simple pass through to the port and IP you specify in
>some sort of configuration. The idea here would be to take a SNP and modify
>a ROM image for the specific printer to include the proxy functionality. I
>realize this could turn out to be quite difficult, but at the same time, it
>would provide a way into the internal network when no others are available.
>Any comments are most DEFINITELY welcome, flames less so, but if it's a
>stupid idea, let me know...
>
>Nick Jacobsen
>nick@ethicsdesign.com
>ethics@netzero.net
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
>Service. For more information on SecurityFocus' SIA service which
>automatically alerts you to the latest security vulnerabilities please see:
>https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
• Previous message: Fabrizio Siciliano: "RE: Digital UNIX 5.60 recourses"
• In reply to: Nick Jacobsen: "Using a Stand-Alone Network Printer as a network attack entry point?"
• Next in thread: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:24 EDT