Educause Security Discussion mailing list archives
Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer."
From: "Judith L. Tabron" <Judith.L.Tabron () HOFSTRA EDU>
Date: Tue, 29 Mar 2016 13:48:55 +0000
I treasure the simpler days when Apple's printer utility let someone on campus constantly rename the printer in public safety (which printed a test page every morning with the printer name) to "Donut Eating Pigs". Judith ------ Judith Tabron, Ph.D., Director, Faculty and Student Computing Services Hofstra University judith.tabron () hofstra edu | 516-463-6316 State Chair, New York State ACE Women's Network ________________________________ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Frank Barton <bartonf () HUSSON EDU> Sent: Tuesday, March 29, 2016 9:37 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." At Husson, we have a dedicated, locked down VLAN for printers. Only certain machines can talk to, or even see the printers. We did this partially for security, partially for accountability, and partially because printers are such sensitive devices. Some of our printers, when hit with a security vulnerability scan will start to print of PCL garbage, and will need a power-cycle to come out of it. The dedicated VLAN also ensures that all printing has to go through one of our print servers, and thus also our print tracking system. I have to say though, I half-expected to see page after page of chicken, instead of the vitriol that was used. http://uproxx.com/technology/unsecured-wireless-printer-prank-chicken-report/ Frank On Mon, Mar 28, 2016 at 11:08 AM, Harry Hoffman <hhoffman () ip-solutions net<mailto:hhoffman () ip-solutions net>> wrote: This vector, unfortunately, goes back alot further then 2014. And the print jobs have been everything from beastuality, to cruises, to folks from other countries issuing warnings to close off access to the ports. It's a sad state of affairs and one made worse by vendors who won't provide quality controls for the equipment they manufacture. Cheers, Harry On 3/28/16 10:14 AM, Shawn Merdinger wrote: Lock down your printers, lest Weev (and now countless others) will troll you with racist print jobs. http://motherboard.vice.com/en_ca/read/hacker-weev-made-thousands-of-internet-connected-printers-spit-out-racist-flyers https://storify.com/weev/a-small-experiment-in Fwiw, I've a couple slides in a 2014 Educause preso detailing this vector exactly...down to the shell script...and one slide in particular that will most certainly get you the backing from C-level execs to remove your printers from public IP (child pr0n, hostile work environment lawsuits, every public IP printer now a state/federal crime scene). http://www.educause.edu/sites/default/files/library/presentations/SEC14/SESS08/shodan_for_edu_educause_security_conference_2014_public_version_shawn_merdinger.pdf Cheers, --scm -- Frank Barton ACMT IT Systems Administrator Husson University
Current thread:
- " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Tracy Mitrano (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Haselhoff, Brent (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Harry Hoffman (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 28)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Frank Barton (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Judith L. Tabron (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Matthew Trump (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer¹s flyer." Brad Judy (Mar 29)
- Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer." Shawn Merdinger (Mar 29)