Security Basics mailing list archives
RE: printer security
From: "Mercurio, Michael D (Dante)" <michael.mercurio () verizonbusiness com>
Date: Mon, 29 Dec 2008 15:58:31 +0000
HP does provide an encryption system called SecureJet. It requires specific printers and client drivers though: http://h20424.www2.hp.com/program/wdyhts/enterpriseprint/sg/en/pdfs/solu tions/hp_secureJet_brochure.pdf Good Luck, M. Dante Mercurio, CISSP, CCNA -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Jon Kibler Sent: Wednesday, December 24, 2008 10:08 AM To: security-basics () securityfocus com Cc: sfmailsbm () gmail com Subject: Re: printer security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 sfmailsbm () gmail com wrote:
hi list, first of all seasons greetings to all of u.. wanted to know what are the existing security features available to
protect data being sent from a PC to a printer: is the data encrypted in any ways? if so does anyone know the mechanisms behind?
googled on the subject, but did not find anything regarding the security of the printer session thanks all for ur help!
Printer Security == Oxymoron Lots of luck here! Although some of the newer high end printers and printer adapters (e.g., HP JetDirect) have TLS support, good luck finding drivers that support mandatory TLS usage. If you have an IPv6 LAN, then you have a slightly better chance of being able to enforce encrypted traffic to your printer by configuring IPv6 on your network printer adapter to require encryption and authentication. Again, good luck finding IPv6/IPSec compliant printers or printer adapters on your network. (I work with several major security paranoid organizations, and none have been willing to upgrade to TLS or IPSec support for their printers.) When it comes to printer security, even more laughable is the firmware used in the printers. Many are based on ANCIENT versions of NetBSD, W/CE, W/2K, etc. that are full of known security vulnerabilities and are often trivially exploitable. Printers are probably the # 2 security weakness in even the most security organizations. (Non-traditional computers, such as physical security, HVAC management, SCADA/PLC/DCS, and other control systems are easily # 1.) Want to hack an organization? Don't go after their desktops or servers, go after their printers, time clocks, physical security systems, etc. -- you will probably have a MUCH easier time compromising the organization. Hope this helps! Jon K - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklSUDwACgkQUVxQRc85QlM5vQCfac19Njyikl5NibU5YnImcmLc oAIAoJ/lBJ5H0WiTKJRz7j/b2NkCSuD+ =6v95 -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
Current thread:
- printer security sfmailsbm (Dec 24)
- Re: printer security Jon Kibler (Dec 26)
- RE: printer security Mercurio, Michael D (Dante) (Dec 29)
- Re: printer security Michal Lovas (Dec 29)
- Re: printer security ArcSighter Elite (Dec 29)
- Re: printer security Robin Wood (Dec 30)
- Re: printer security ArcSighter Elite (Dec 29)
- Re: printer security Jon Kibler (Dec 26)