RE: Securing Printers

["Dubber, Drew B" <drew.dubber () eds com>]

Apologies if this has been said before but nowadays printers come with a lot
more. For instance, there is normally a small web server on printers to
configure the settings such as IP address etc. Now I'm struggling to
remember the details but there was at least one printer with the web server
full of holes that it could have easily been compromised from an outside
source and potentially used as a gateway to get into something more
interesting. Think of what someone could achieve if there were a printer
pooling/re-direction option - all prints on that printer going to a third
party?!

Kind regards

Drew 

-----Original Message-----
From: Zurt [mailto:1algorta () rigel deusto es] 
Sent: 16 November 2004 21:23
Cc: sec-basic list
Subject: Re: Securing Printers

Ed Donahue wrote:

> The most immediate to me is a denial of service on the printer; 
> filling it's memory with jobs so that no one else could get in the 
> queue (or creating a single job that has so many pages that no one 
> else will be able to get in).  Furthermore, high-capacity printers can 
> burn through a decent amount of paper and toner, costing companies 
> money and inconvenience.
>
> I probably wouldn't be amused to find my printer used and abused.
>
> Another arguement is basic network security.  Because it's not 
> vulnerable isn't really a good reason to leave it open to the 
> internet; it goes against the most basic concepts of security: You 
> only allow what you need.  Anything else can be a leak of information 
> or a point to breach.
>
> -Ed
>
> On Nov 15, 2004, at 09:18, Bryce Embry wrote:
>
> > Howdy,
> >
> > A recent thread on BugTraq, along with some discussions with my 
> > colleagues, has me curious about printer security.  What dangers are 
> > there in giving a printer a public IP address?
> >
> > To me, a printer with a public IP sounds utterly foolish, but I'm not 
> > doing a very good job of making this point with my colleagues.  They 
> > usually respond with the question "Why would anyone want to print 
> > something to a printer they can't even find?".  My answers (usually 
> > "Why not?" or "it's a system running an OS that is subject to
> > exploitation")  don't seem to be very convincing, especially since I 
> > can't produce any known exploits.  I would appreciate any arguments 
> > and reasoning that would carry more weight, or enlightenment to help 
> > me stop being so paranoid.
> >
> > Thanks,
> >
> > Bryce
If the printer is running an OS wouldn't be possible to forward the printed
jobs to an intruder?? Some documents could be confidential...

--
_____
Zurt