Re: SANS Consensus Security Awareness Project

["WILSON, PAUL T. (JSC-ES)" <paul.t.wilson1 () JSC NASA GOV>]

Passwording may be sufficient.  How old are these JetDirect cards?  You may
want to install newer ones that are reported to address a number of security
issues.

Paul T Wilson                   Lockheed Martin
CCS UNIX Coordinator and Systems Security Representative
281-483-5429    pgr 281-527-2140
CCS Service Center 281-483-1122
paul.t.wilson () jsc nasa gov

> ----------
> From:         David Grisham CIRT Security Admin.
> Reply To:     David Grisham CIRT Security Admin.
> Sent:         Thursday, September 21, 2000 10:43 AM
> To:   INCIDENTS () SECURITYFOCUS COM
> Subject:      Re: SANS Consensus Security Awareness Project
>
> over the weekend our site was part of a SYN attack on another ISP.  The
> site could not give us complete logs.  It did identify four IPs which were
> involved.  These turned out to be printers with no passwords.  We had
> earlier discovered a couple of printers that were also used in a large
> DDoS attack.  Could somebody who has experience with this printer
> exploit, please send me some details.  We are placing passwords on these
> units. Cheers. --grish
>    Dr. David D. Grisham, Security Admin. Phone (505) 277-8032 FAX 277-8101
>    2701 Campus Blvd. NE CIRT, Univ. of New Mexico,
>    Albuquerque, NM 87131 * e-mail:dave () unm edu *
> web:http://www.unm.edu/~dave
>    --- finger dave () unm edu or see my web page for public key.
>    Phone to:(505) 277-4646 or E-mail to security () unm edu will bring an
>    immediate response from the security staff.  The CIRT security web page
>    is www.unm.edu/~security
>
> > Name:    printer1.unm.edu (This is a printer an HP JetDirect it is not
> >                        password protected.)
> > Address:  129.24.219.xxx