Security Basics mailing list archives

Re: Securing Printers

From: Adam Jones <ajones1 () gmail com>
Date: Thu, 18 Nov 2004 16:14:25 -0600

Another important consideration is if you have security sensitive
ports (135 and 445 on windows come to mind) that are blocked at the
firewall these may be available from your printer. With enough
patience and possibly the right kind of printer someone could
configure it to bounce packets from your host to another system,
allowing the intruder to circumvent your firewall.

Granted this assumes a specific firewall setup, so a good look at your
network policies would confirm/deny the possibility here.

Many of the larger, commercial grade printers have a lot of room to
play with. Imagine print jobs being replaced with lewd messages, even
worse if a scripting language is available to replace only part of a
message.

-Adam

Current thread:

RE: Securing Printers, (continued)
- - - RE: Securing Printers Corey Watts-Jones (Nov 19)
- Re: Securing Printers Jonathan Kline (Nov 16)
  - Re: Securing Printers Frank T. Clark (Nov 16)
- Re: Securing Printers xyberpix (Nov 16)
- Re: Securing Printers Peter Wan (Nov 16)
  - Re: Securing Printers Spigga (Nov 16)
- RE: Securing Printers Julen C (Nov 16)
- RE: Securing Printers Dubber, Drew B (Nov 16)
- RE: Securing Printers Dante Mercurio (Nov 17)
  - RE: Securing Printers Samuel Petreski (Nov 18)
    - Re: Securing Printers Adam Jones (Nov 19)
- RE: Securing Printers Herbold, John W. (Nov 19)
  - RE: Securing Printers Corey Watts-Jones (Nov 22)
- RE: Securing Printers Herbold, John W. (Nov 22)
  - RE: Securing Printers Corey Watts-Jones (Nov 22)