Re: HP LaserJet 4 Series Jet Direct

[RichardS () ADV NET NZ (Richard Stevenson)]

On 18 Jun 2000, at 20:21, Blue Boar wrote:

> Ryan Yagatich wrote:
> > With the HP LaserJet 4 series Jet direct card you can telnet to port 9099
> > on the printer's IP address and type any text and on disconnect the page
> > will be printed.

I'm sure that has been mentioned on Bugtraq before - around 97 or 98,
possibly.  So I can print using netcat :-)

> Not really seeing how the second choice keeps me from using as much toner
> and paper.  There have been some really interesting attacks against HP's
> JetDirect cards in the past though... keep looking.

It's really a site problem... think of unfirewalled sites with one of these
things sitting accessible to the net.  Bad idea to start with, but off the
top of my head, I can think of a couple of sites that do just this, and I
can have a lot of fun with them (one is a small business, and the other is
a large educational institution).  Real solution:  sort out your security
policy and firewall your network.

Cheers

R

--
Richard Stevenson
ADV E-Commerce, Auckland

"I've been bitten at least as badly.  I poured 7 years into helping make
 SunOS 4.x a great operating system only to have it ripped away and replaced
 with that Solaris thing."
                -- Larry McVoy, in linux-kernel