Slashdot Mirror

← Back to Stories (view on slashdot.org)

Printers Vulnerable To Security Threats

Posted by kdawson on from the infected-my-what? dept.

jcatcw writes "Networked printers are more vulnerable to attack than many organizations realize. Symantec has logged vulnerabilities in five brands of network printers. Printers outside firewalls, for ease of remote printing, may also be open to easy remote code execution. They can be possible launching pads for attacks on the rest of the network. Disabling services that aren't needed and keeping up with patches are first steps to securing them." From the article: "Security experts say that printers are loaded with more complex applications than ever, running every vulnerable service imaginable, with little or no risk management or oversight.... [N]etworked printers need to be treated like servers or workstations for security purposes — not like dumb peripherals."

4 of 173 comments (clear)

  1. Try it out by delirium+of+disorder · · Score: 5, Interesting

    Over the past several years, if you did a random port scan of the Internet (nmap -iR) the majority of open telnet (tcp port 23) servers were print servers that let you telnet in and change all sorts of settings.

    --
    ------ Take away the right to say fuck and you take away the right to say fuck the government.
  2. Campus Printers by cpearson · · Score: 4, Interesting

    On many if not most college campuses the printers are administered and accounted for my a system tied to a student id. Each student can get so many free prints per semester and can pay per print after exceeding that. Malicious code executing on a print server could sniff all the student accounts accessing the printer.

    http://www.vistahelpforum.com/

    --
    Windows Vista Help Forum
  3. Re:Unless... by Jeremiah+Cornelius · · Score: 4, Interesting

    We used these REGULARLY to exploit banks, in our testing.

    The high-end HPs had both harddisk, and a JVM with listening socket on port 80. WHeee!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  4. Re:Unless... by FooAtWFU · · Score: 4, Interesting
    My school, before the Great Firewalling of its network a few years ago, had its printers open to the whole Internet. Apparently someone hacked into one and used it as an FTP server for warez and porn. And it still worked as a printer. :)

    Of course, this also means that I can't stick up a website for the world from my laptop anymore, either. =/ Ah well.

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.