Re: network printers

From: Sean Peterson (mrpeterson@theunixman.com)
Date: Fri Dec 16 2005 - 06:26:28 EST

• Next message: Demetrio Carrión: "Re: Cracking WEP and WPA keys"
• Previous message: US Infosec: "Re: database scanning tools"
• In reply to: Mark Brunner: "network printers"
• Next in thread: DMORROW5@satx.rr.com: "Re: network printers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To get an idea of the vulnerability of printers, I looked at "Hacking
Network Printers" at
http://www.irongeek.com/i.php?page=security/networkprinterhacking

Some manufacturers have documented basic security procedures, for
example "HP Jetdirect Print Servers - Making HP Jetdirect Print Servers
Secure on a Network" at
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj05999

If you allow clients to print directly to the device via IP, then
deploying a host with SysLog and configuring the print devices to
record their errors to the syslog host helps tremendously with diagnosis
and problem analysis.

Hope this helps and if you come across any more detailed procedures,
please post them on the list.

-Sean

Mark Brunner wrote:

>Haven't looked at printers in a while.
>Are there any best practices hardening and audit docs for printers?
>
>Mark
>
>-----Original Message-----
>From: Ben Nagy [mailto:ben@iagu.net]
>Sent: Saturday, December 10, 2005 1:24 AM
>To: pen-test@lists.securityfocus.com
>Subject: RE: empty sa passwords on network printers ??
>
>
>Not sure what you mean by SA password, but HP printers run Java, which is
>turing complete. If you have full access to the printer you can make it do
>absolutely anything you want - it's just as good (or better) as owning a
>workstation.
>
>Check out some of the phenoelit stuff to scare yourself:
>http://www.phenoelit.de/stuff/defconX.pdf
>
>Cheers,
>
>ben
>
>
>
>>-----Original Message-----
>>From: Jason Rusch [mailto:rusch.j@gmail.com]
>>Sent: Saturday, December 10, 2005 2:51 AM
>>To: pen-test@lists.securityfocus.com
>>Subject: empty sa passwords on network printers ??
>>
>>curious whats peoples opinion on the risk level etc concerning empty
>>SA passwords on network printers?
>>
>>
>>Jason P. Rusch, CISSP
>>Sr. Information Security Administrator
>>Infosec-rusch
>>Tampa, FL 33619
>>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Demetrio Carrión: "Re: Cracking WEP and WPA keys"
• Previous message: US Infosec: "Re: database scanning tools"
• In reply to: Mark Brunner: "network printers"
• Next in thread: DMORROW5@satx.rr.com: "Re: network printers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:16 EDT