Educause Security Discussion mailing list archives
Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer."
From: Shawn Merdinger <shawnmer () GMAIL COM>
Date: Mon, 28 Mar 2016 11:24:02 -0400
Yes, Harry, clearly the printer problems go back well over 15 years. I merely pointed out my SPC talk in 2014 that covered Weev's silly one line script attack use case. For more historical context, and deeper dive into printer weaknesses: IronGeek's Hacking Printers page: http://www.irongeek.com/i.php?page=security/networkprinterhacking Dr. Andrei Costin's "Hacking Printers: 10 years of public research and lessons learned" (2012): https://www.youtube.com/watch?v=cf8DQmjaNnw Cheers, --scm On 3/28/16, Harry Hoffman <hhoffman () ip-solutions net> wrote:
This vector, unfortunately, goes back alot further then 2014. And the print jobs have been everything from beastuality, to cruises, to folks from other countries issuing warnings to close off access to the ports. It's a sad state of affairs and one made worse by vendors who won't provide quality controls for the equipment they manufacture. Cheers, Harry On 3/28/16 10:14 AM, Shawn Merdinger wrote:Lock down your printers, lest Weev (and now countless others) will troll you with racist print jobs. http://motherboard.vice.com/en_ca/read/hacker-weev-made-thousands-of-internet-connected-printers-spit-out-racist-flyers https://storify.com/weev/a-small-experiment-in Fwiw, I've a couple slides in a 2014 Educause preso detailing this vector exactly...down to the shell script...and one slide in particular that will most certainly get you the backing from C-level execs to remove your printers from public IP (child pr0n, hostile work environment lawsuits, every public IP printer now a state/federal crime scene). http://www.educause.edu/sites/default/files/library/presentations/SEC14/SESS08/shodan_for_edu_educause_security_conference_2014_public_version_shawn_merdinger.pdf Cheers, --scm
Current thread:
- " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Tracy Mitrano (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Haselhoff, Brent (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Harry Hoffman (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Frank Barton (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Matthew Trump (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer¹s flyer." Brad Judy (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 29)