Re: " ...colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer."

["Judith L. Tabron" <Judith.L.Tabron () HOFSTRA EDU>]

I treasure the simpler days when Apple's printer utility let someone on campus constantly rename the printer in public 
safety (which printed a test page every morning with the printer name) to "Donut Eating Pigs".


Judith


------
Judith Tabron, Ph.D., Director, Faculty and Student Computing Services
Hofstra University
judith.tabron () hofstra edu | 516-463-6316
State Chair, New York State ACE Women's Network



________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Frank Barton 
<bartonf () HUSSON EDU>
Sent: Tuesday, March 29, 2016 9:37 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] " ...colleges and universities all over the United States found that their network printers 
were spilling out Auernheimer’s flyer."

At Husson, we have a dedicated, locked down VLAN for printers. Only certain machines can talk to, or even see the 
printers. We did this partially for security, partially for accountability, and partially because printers are such 
sensitive devices.

Some of our printers, when hit with a security vulnerability scan will start to print of PCL garbage, and will need a 
power-cycle to come out of it. The dedicated VLAN also ensures that all printing has to go through one of our print 
servers, and thus also our print tracking system.

I have to say though, I half-expected to see page after page of chicken, instead of the vitriol that was used. 
http://uproxx.com/technology/unsecured-wireless-printer-prank-chicken-report/

Frank

On Mon, Mar 28, 2016 at 11:08 AM, Harry Hoffman <hhoffman () ip-solutions net<mailto:hhoffman () ip-solutions net>> 
wrote:
This vector, unfortunately, goes back alot further then 2014.

And the print jobs have been everything from beastuality, to cruises, to folks from other countries issuing warnings to 
close off access to the ports.

It's a sad state of affairs and one made worse by vendors who won't provide quality controls for the equipment they 
manufacture.

Cheers,
Harry



On 3/28/16 10:14 AM, Shawn Merdinger wrote:
Lock down your printers, lest Weev (and now countless others) will
troll you with racist print jobs.

http://motherboard.vice.com/en_ca/read/hacker-weev-made-thousands-of-internet-connected-printers-spit-out-racist-flyers

https://storify.com/weev/a-small-experiment-in

Fwiw, I've a couple slides in a 2014 Educause preso detailing this
vector exactly...down to the shell script...and one slide in
particular that will most certainly get you the backing from C-level
execs to remove your printers from public IP (child pr0n, hostile work
environment lawsuits, every public IP printer now a state/federal
crime scene).

http://www.educause.edu/sites/default/files/library/presentations/SEC14/SESS08/shodan_for_edu_educause_security_conference_2014_public_version_shawn_merdinger.pdf

Cheers,
--scm




--
Frank Barton
ACMT
IT Systems Administrator
Husson University