Exposed HP LaserJet Printers Offer Anonymous FTP To the Public

itwbennett writes: In a blog post on Monday, security researcher Chris Vickery outlined the risks associated with networked HP LaserJet printers, which have been made available to the public by the organizations hosting them. 'There are a few free, open source pieces of software that can be used to upload and interact with HP printer hard drives over port 9100. After uploading to a printer, the file can be accessed by ... any web browser... It doesn't take much creativity to realize that even highly illegal materials could be stored this way,' Vickery wrote. CSO's Steve Ragan picked up the thread: A quick search on Shodan to confirm Vickery's findings returned thousands of results.

Re:Shodan marketing

Quite the opposite, I suspect the recent influx of news about Shodan is a concerted effort to get it shut down.

A couple weeks ago we had stories about this search engine let me find Hello Kitty's database full of children. Over the weekend we saw hit pieces about this search engine lets people spy on your sleeping kids. Today we have this search engine exposes FTP servers where people can store "highly illegal materials" (he isn't talking about your MP3 collection). Insecure webcams, insecure FTP servers, insecure databases, these have existed for years. In fact they've all been searchable by Shodan (and Google) for years. There's nothing new or newsworthy about it, but the articles keep coming, and they keep specifically mentioning Shodan.

Notice how these stories all have a think-of-the-children hysteria angle? Someone's trying *very hard* to equate the Shodan name with "this is a pedophile service and needs to be shut down."