Penetration Testing mailing list archives
RE: network printers
From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 12 Dec 2005 08:16:35 -0600
Mark wrote:
Haven't looked at printers in a while. Are there any best practices hardening and audit docs for printers?
Hey Mark, Depending on the model, this would change of course. But basically, I would treat it like workstation hardening. Disable unneeded services - telnet, webserver, tftp, ftp, change SNMP "passwords", all passwords, etc, etc. Ben is exactly correct, printer have been a great hiding spot on network for quite some time. Phenolit has always have good documents / tools on HP printers. The tftp services on those printers could also be a great internal attack service against routers/switches. -Todd ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- RE: network printers Todd Towles (Dec 12)
- <Possible follow-ups>
- RE: network printers McHenry, Glenn CTO1 (Dec 12)
- Re: network printers DMORROW5 (Dec 16)