Security Basics mailing list archives

RE: Securing Printers

From: "Yvan G.J. Boily" <yboily () seccuris com>
Date: Mon, 15 Nov 2004 13:51:45 -0600

Well, my simple argument is the instance where an attacker printed out a document on a network shared printer on a 
wireless network.
The attacker only printed the message "Your network is wide open".  Not a big threat for a home user, but scary enough.

Imagine a slightly different context where a disgruntled employee goes to an internet café, connects to the network 
printer, and
prints off a falsified email from co-worker A to co-worker B containing a pornographic image.  The printed document 
could be lying
around, Co-worker A and B get flak, potentially fired, and disgruntled employee is not a suspect.

A more serious instance would be if malicious attacker wanted to attempt a "phishing" attack, they could print out a 
"memo"
targeting a specific low-level or new employee from a higher level manager to take specific action.  The next person 
who uses the
printer would collect the document and potentially forward it on to the target user.

Just the possibility of this type of activity occurring should justify the assignment of a private IP address.

Yvan

-----Original Message-----
From: Bryce Embry [mailto:embryb () k12tn net] 
Sent: Monday, November 15, 2004 11:19 AM
To: sec-basic list
Subject: Securing Printers

Howdy,

A recent thread on BugTraq, along with some discussions with my 
colleagues, has me curious about printer security.  What dangers are 
there in giving a printer a public IP address?

To me, a printer with a public IP sounds utterly foolish, but I'm not 
doing a very good job of making this point with my colleagues.  They 
usually respond with the question "Why would anyone want to print 
something to a printer they can't even find?".  My answers 
(usually "Why 
not?" or "it's a system running an OS that is subject to 
exploitation") 
  don't seem to be very convincing, especially since I can't 
produce any 
known exploits.  I would appreciate any arguments and reasoning that 
would carry more weight, or enlightenment to help me stop being so 
paranoid.

Thanks,

Bryce

Current thread:

Securing Printers Bryce Embry (Nov 15)
- RE: Securing Printers Yvan G.J. Boily (Nov 15)
  - Re: Securing Printers Virgo Pärna (Nov 16)
- RE: Securing Printers David Gillett (Nov 15)
- Re: Securing Printers Ed Donahue (Nov 16)
  - Re: Securing Printers Zurt (Nov 16)
  - Re: Securing Printers Matthew Romanek (Nov 16)
    - RE: Securing Printers Corey Watts-Jones (Nov 19)
- Re: Securing Printers Jonathan Kline (Nov 16)
  - Re: Securing Printers Frank T. Clark (Nov 16)
- Re: Securing Printers xyberpix (Nov 16)
- Re: Securing Printers Peter Wan (Nov 16)

(Thread continues...)