Security Incidents mailing list archives
Re: Printer exploit?
From: Thomas Corriher <tcorriher () earthlink net>
Date: Wed, 27 Jun 2001 23:05:06 -0400 (EDT)
(Oh, how I hope they have improved :) but the thing to look for in their setup utilities is a way to restrict connections to only a few IP addresses -- the print servers on your NT/Unix machines that have logging and much better access controls (tcpd aka tcp wrappers, or an NT equivelent which I hope exists).
This is just a technicality, but I do not think that the lp daemon uses the standard TCP Wrappers. This is because the daemon consults the /etc/hosts.lpd file, instead of the usual /etc/hosts.allow file. The format is different too. Everyone who uses the generic lpd should create (touch) the /etc/hosts.lpd file on every new machine, to block unapproved access to the daemon. An empty file means no access. Counting on the /etc/hosts.allow and /etc/hosts.deny files for protection is useless. I wonder if some of the people reading this are now saying to themselves: oh sh... What I have said is true for Linux lpd. There may be differences in the lpds which are shipped with other Unices. -- Thomas Corriher ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Printer exploit? Brendan Murphy (Jun 26)
- Re: Printer exploit? Tohru Watanabe (Jun 27)
- Re: Printer exploit? Piotr Klaban (Jun 27)
- Re: Printer exploit? sarnold (Jun 27)
- Re: Printer exploit? Thomas Corriher (Jun 28)
- Re: Printer exploit? John Leach (Jun 28)
- Re: Printer exploit? Vangelis Haniotakis (Jun 28)
- Re: Printer exploit? HyunWoo Lee (Jun 29)
- RE: Printer exploit? Rocket Downing (Jun 28)
- Re: Printer exploit? Vangelis Haniotakis (Jun 28)
- <Possible follow-ups>
- Re: Printer exploit? lifeonmars (Jun 27)
- RE: Printer exploit? John Hanks (Jun 27)
- RE: Printer exploit? Richard . Grant (Jun 27)
- Re: Printer exploit? Piotr Klaban (Jun 28)
- Re: Printer exploit? Jeremy Sanders (Jun 29)