Penetration Testing mailing list archives
RE: Using a Stand-Alone Network Printer as a network attack entry point?
From: "Ofir Arkin" <ofir () sys-security com>
Date: Fri, 16 Aug 2002 17:37:29 +0100
Nick, and all Any network device is a potential caveat for network security. Printers were and still are a very good network device to be subverted. Not only by taking full control and installing new software but as well as a tool to reproduce your CEO's personal letters or just send them elsewhere (hint, hint)... As I noted, this is not a new idea but it is still a nice one :) There are several nice ideas' that are similar, you should check out the following talks given at BH USA 2002 (presentations are available from: http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html): - DC Phone Home, Higbee & Davis - Attacking Networked Embedded Systems, FX and kim0 Hope this helps Ofir Arkin [ofir () sys-security com] Founder The Sys-Security Group http://www.sys-security.com PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA -----Original Message----- From: Nick Jacobsen [mailto:nick () ethicsdesign com] Sent: 16 August 2002 05:20 To: pen-test () securityfocus com Subject: Using a Stand-Alone Network Printer as a network attack entry point? Hi all... I came up with an idea, one that I've never heard discussed, of possibly modifying a stand-alone network printer (like most of the high-end office printers, hereafter referred to as a "SNP") to act as a full point to point proxy, or at least a simple pass through to the port and IP you specify in some sort of configuration. The idea here would be to take a SNP and modify a ROM image for the specific printer to include the proxy functionality. I realize this could turn out to be quite difficult, but at the same time, it would provide a way into the internal network when no others are available. Any comments are most DEFINITELY welcome, flames less so, but if it's a stupid idea, let me know... Nick Jacobsen nick () ethicsdesign com ethics () netzero net ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Using a Stand-Alone Network Printer as a network attack entry point? Nick Jacobsen (Aug 16)
- RE: Using a Stand-Alone Network Printer as a network attack entry point? Ofir Arkin (Aug 16)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? Security News (Aug 16)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? R. DuFresne (Aug 16)
- <Possible follow-ups>
- RE: Using a Stand-Alone Network Printer as a network attack entry point? Bernt Lervik (Aug 19)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? Nick Jacobsen (Aug 19)