1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Excellent piece on printer Security

Discussion in 'Computer Security' started by zebulebu, Aug 13, 2006.

  1. zebulebu

    zebulebu Terabyte Poster

    Anyone who has ever thought that printers are just dumb devices that sit on your LAN and only require a visit every so often to change a toner cartridge would do well to read this article, describing a major flaw found in Xerox's print server software.

    Whilst this is one of the very rare occasions that a vulnerability in such software has been well-publicised, it is certainly not an irregular occurence to find flaws in the way manufacturers deliver print management capability to end users.

    Next time you're up for a spot of Googledorking, try this particular little beauty:

    "Copyright(C) 2000-2003 Brother Industries, Ltd."

    Whilst it is certainly the responsibility of manufacturers to let end-users know that there are potential flaws in their print management software, (or at the very least, sever security risks in leaving default configurations on printers), if an organisation can't be bothered to prevent their printers from being managed by all and sundry over the internet, do you think their network security is likely to be up to scratch?

    When was the last time YOU looked to see whether there were patches available for your printers' firmware?

    Certifications: A few
    WIP: None - f*** 'em
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    And there was a well-known problem with HP JetDirect I believe.

    I have that port blocked on my router as I have one!

    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    Sorry Zeb, I tried googledorking that phrase but the returned links don't lead to anything unusual :blink
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  4. zebulebu

    zebulebu Terabyte Poster

    Bluerinse - you got mail...
    Certifications: A few
    WIP: None - f*** 'em

Share This Page