Re: network printers

[DMORROW5 () satx rr com]

Keep in mind, and even more so today, that printers, and now
Multifunction devices (MFD's), usually have an embedded web server, ftp
server and telnet turned on by default. 

regards, 

Dana

----- Original Message -----
From: Sean Peterson <mrpeterson () theunixman com>
Date: Friday, December 16, 2005 5:26 am
Subject: Re: network printers

> To get an idea of the vulnerability of printers, I looked at 
> "Hacking 
> Network Printers" at  
> http://www.irongeek.com/i.php?page=security/networkprinterhacking
>
> Some manufacturers have documented basic security procedures, for 
> example "HP Jetdirect Print Servers - Making HP Jetdirect Print 
> Servers 
> Secure on a Network" at 
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj05999
> If you allow clients to print directly to the device via IP, then 
> deploying a host with SysLog and  configuring the print devices to 
> record their errors to the syslog host helps tremendously with 
> diagnosis 
> and problem analysis.
>
> Hope this helps and if you come across any more detailed 
> procedures, 
> please post them on the list.
>
> -Sean
>
> Mark Brunner wrote:
>
> > Haven't looked at printers in a while.
> > Are there any best practices hardening and audit docs for printers?
> >
> > Mark
> >
> > -----Original Message-----
> > From: Ben Nagy [mailto:ben () iagu net]
> > Sent: Saturday, December 10, 2005 1:24 AM
> > To: pen-test () lists securityfocus com
> > Subject: RE: empty sa passwords on network printers ??
> >
> >
> > Not sure what you mean by SA password, but HP printers run Java, 
> which is
> > turing complete. If you have full access to the printer you can 
> make it do
> > absolutely anything you want - it's just as good (or better) as 
> owning a
> > workstation.
> >
> > Check out some of the phenoelit stuff to scare yourself:
> > http://www.phenoelit.de/stuff/defconX.pdf
> >
> > Cheers,
> >
> > ben
> >
> >  
> >
> > > -----Original Message-----
> > > From: Jason Rusch [mailto:rusch.j () gmail com]
> > > Sent: Saturday, December 10, 2005 2:51 AM
> > > To: pen-test () lists securityfocus com
> > > Subject: empty sa passwords on network printers ??
> > >
> > > curious whats peoples opinion on the risk level etc concerning empty
> > > SA passwords on network printers?
> > >
> > >
> > > Jason P. Rusch, CISSP
> > > Sr. Information Security Administrator
> > > Infosec-rusch
> > > Tampa, FL 33619
>
> --------------------------------------------------------------------
> ----------
> Audit your website security with Acunetix Web Vulnerability 
> Scanner: 
>
> Hackers are concentrating their efforts on attacking applications 
> on your 
> website. Up to 75% of cyber attacks are launched on shopping carts, 
> forms, 
> login pages, dynamic content etc. Firewalls, SSL and locked-down 
> servers are 
> futile against web application hacking. Check your website for 
> vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before 
> hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------
> -----------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------