Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer."

From: "Haselhoff, Brent" <brent.haselhoff () WKU EDU>
Date: Mon, 28 Mar 2016 14:34:34 +0000
We've had similar problems for years and we are currently moving our printers to private IPs.  Shodan was triggering 
some nasty print jobs as they scanned our network.  Shodan is a is a good tool to discover what the internet knows 
about your network, including printers that are open to the Internet.  https://www.shodan.io/.  They will give you a 
free premium account if you are an .edu and ask for it.

Brent

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shawn 
Merdinger
Sent: Monday, March 28, 2016 9:14 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] " ...colleges and universities all over the United States found that their network printers were 
spilling out Auernheimer’s flyer."

Lock down your printers, lest Weev (and now countless others) will troll you with racist print jobs.

http://motherboard.vice.com/en_ca/read/hacker-weev-made-thousands-of-internet-connected-printers-spit-out-racist-flyers

https://storify.com/weev/a-small-experiment-in

Fwiw, I've a couple slides in a 2014 Educause preso detailing this vector exactly...down to the shell script...and one 
slide in particular that will most certainly get you the backing from C-level execs to remove your printers from public 
IP (child pr0n, hostile work environment lawsuits, every public IP printer now a state/federal crime scene).

http://www.educause.edu/sites/default/files/library/presentations/SEC14/SESS08/shodan_for_edu_educause_security_conference_2014_public_version_shawn_merdinger.pdf

Cheers,
--scm
Previous By Date Next
Previous By Thread Next

Current thread: