PaulDotCom mailing list archives
HP9000 multifunction devices hooked into AD
From: robert.portvliet at gmail.com (Robert Portvliet)
Date: Tue, 3 Nov 2009 11:39:34 -0500
Be careful when port scanning printers, it was mentioned on PDC a while ago that some printers will print whatever is sent to port 9100 & if you scan that port it will print out a very large stack of pages full of gibberish. Nmap excludes that port now, but I figured it was worth mentioning http://nmap.org/book/man-version-detection.html --allports (Don't exclude any ports from version detection) By default, Nmap version detection skips TCP port 9100 because some printers simply print anything sent to that port, leading to dozens of pages of HTTP GET requests, binary SSL session requests, etc. This behavior can be changed by modifying or removing the Exclude directive in nmap-service-probes, or you can specify --allports to scan all ports regardless of any Excludedirective. On Tue, Nov 3, 2009 at 10:54 AM, Tim Mugherini <gbugbear at gmail.com> wrote:
In addition to suggestion for scanning (telnet, etc..) Pay attention to the scanning settings - many of these devices store all scanned images on the web server and do not require auth to retrieve (seen this with xerox before) On Tue, Nov 3, 2009 at 8:42 AM, Bradley McMahon <bradmcmahon at gmail.com> wrote:I suggest preforming a port scan on one of the devices and see what is running my guess is telnet is wide open with no password and SNMP isenabledby default. -Brad On Tue, Nov 3, 2009 at 7:55 AM, k41zen <k41zen at live.co.uk> wrote:So a client has purchased several HP9040 multifunction devices (MFP) to allow them to use the scanning feature so that they can scan a doc and have it email the result to them. From the limited documentation provided, several areas of interest jump out such as: Securely stores usernames and email addresses with an LDAP sync from AD Authenticates the user to AD at the printer panel Scan a document and have it automatically emailed to you Scan a document and have it automatically saved to your homedriveI get to play with this later this week but wondered if someone has already looked into what fun can be had with these devices. Grateful for any info. Regards, k41zen _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091103/7084585c/attachment.htm
Current thread:
- HP9000 multifunction devices hooked into AD k41zen (Nov 03)
- HP9000 multifunction devices hooked into AD Bradley McMahon (Nov 03)
- HP9000 multifunction devices hooked into AD Tim Mugherini (Nov 03)
- HP9000 multifunction devices hooked into AD k41zen (Nov 03)
- HP9000 multifunction devices hooked into AD Robert Portvliet (Nov 03)
- HP9000 multifunction devices hooked into AD k41zen (Nov 03)
- HP9000 multifunction devices hooked into AD Bob Patterson (Nov 04)
- HP9000 multifunction devices hooked into AD k41zen (Nov 04)
- HP9000 multifunction devices hooked into AD Tim Mugherini (Nov 03)
- HP9000 multifunction devices hooked into AD Bob Patterson (Nov 04)
- HP9000 multifunction devices hooked into AD Michael Miller (Nov 10)
- HP9000 multifunction devices hooked into AD Bradley McMahon (Nov 03)