Nmap Development mailing list archives
RE: NMAP and HP JetDirect port
From: "Uri Gilad" <ugilad () forescout com>
Date: Tue, 14 Jun 2005 10:43:18 +0300
The point was not to fix the vulnerability. I even think this may be considered a feature with correct access control. The question is how do I avoid sending data to this port only (or similar ones on other printers). Uri. -----Original Message----- From: hutuworm Sent: Tuesday, June 14, 2005 9:24 AM To: Uri Gilad Subject: Re: NMAP and HP JetDirect port I think it should be JetDirect's vulnerability, it's better to suggest HP to fix the JetDirect protocol implementation, since you can't prevent other scanners or whatever sending packets to 9100/TCP port. On 6/14/05, Uri Gilad wrote:
Hi, this issue has been raised before, but to recap : running nmap -sO or nmap -sV on a host, not specifying a specific port will send data to port 9100/TCP . HP printers use this port for the JetDirect protocol, meaning the printer will happily print whatever strings the nmap throws at it in attempt to detect the protocol used on this port. This will consume large amounts of paper, and is an unwanted side effect in almost every scenario. It seems that commenting out 9100/TCP in nmap-services will alleviate this problem. Two questions arise: 1. Is this the best method to cause nmap to skip 9100/TCP in scanning a host. 2. Have anyone experianced any similar problems with printers (we only have one brand of printers...) Thanks, Uri Gilad. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
-- In doG We Trust _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- NMAP and HP JetDirect port Uri Gilad (Jun 13)
- <Possible follow-ups>
- RE: NMAP and HP JetDirect port Uri Gilad (Jun 14)