Re: JetDirect Card DoS exploit?

[Ron DuFresne <dufresne () WINTERNET COM>]

Bill,

Jetdirect cards have long been known to be able to be DOS'ed with various
namp scans, old sping and a few other 'exploits'.  A search of the bugtraq
archive should provide quite a list of possible ways to drop the printers
out till they are recycled.

Thanks,

Ron Dufresne

On Wed, 4 Oct 2000, Bill Hayes wrote:

> On Monday,  we saw all of the HP JetDirect-equipped printers go belly up on
> one of our subnets.  They would not respond to pings.  We restarted them
> and all is going well. I think there might be two possiblities.
>
> First,  someone could have written a DoS script that attacks HP JetDirect
> cards, possibly running against Telnet or SNMP. Secondly,  an improperly
> configured box with either net discovery or scanning tools could have
> caused this problem.
>
> I have seen a Win2K Pro box take out a Xyplex terminal server by scanning
> port 23, so perhaps this could have happened. I've been unable to duplicate
> this latter possiblity with HP JetDirect cards. The seem to be fine before
> and after the scans from a Win2K Pro box.
>
> Is anyone aware of any other possiblities?
>
> Bill...
>
> William Hayes, Computer Specialist, Communications & Information Technology
> Network Security Consultant, Information Services Networking & Ops Center
> University of Nebraska Lincoln

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.