Re: [PEN-TEST] Wanted: info on JetDirect security test procs?

[Mark Teicher <mark.teicher () NETWORKICE COM>]

By default, the usual type of services are running on HP Jet Direct

NetBUI
FTP
HTTP
TFTP
Telnet
IPX

I once running Net X-ray on a company I previously worked for and
discovered that the HP JetDirect were broadcasting IPX across the network,
once this service was disabled, the network worked much better.. :)

/m

At 04:00 AM 10/7/00 -0400, Shetron, Richard wrote:
> If you check the bugtraq archives, I think you will find some references
> to previously known bugs with HP JetDirect.
>
> > I have found what I believe to be some flaws in our implementation of HP
> > JetDirect IP-based printing. I have been playing w/telnet & FTP, which have
> > exposed some security holes, but would like to know if there is a
> > comprehensive checklist of sorts that outlines known vulnerabilities, etc.
> >
> > Thanks,
> > Andrew Costa
> >
> >
>
>
> --
> Richard Shetron  multics () ruserved com multics () acm rpi edu  NO UCE
> What is the Meaning of Life?      There is no meaning,
> It's just a consequence of complex carbon based chemistry; don't worry
> about it
> The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.