From: Al Stangenberger (forags@nature.berkeley.edu)
Date: Mon Oct 07 2002 - 18:08:33 PDT
In addition to LPR, HP JetDirect servers can also be accessed by ftp .
(it's a handy way to print a raw text file without having Windows mess with
it, but also a vulnerability..)
HP has a network security document for JetDirect servers:
http://www.hp.com/cposupport/networking/support_doc/bpj05999.html#P30_3055
-Al Stangenberger
At 05:20 PM 10/7/02 -0700, Craig Lant wrote:
>It's not bugbear. Bugbear doesn't attack printers. It is however likely
>another type of automated attack. As John Ward showed, attacks on LPR can
>cause printers to spew reams of paper. There are also attacks that
>actually target printers. The best solution is to configure the printer
>to reject connections from unknown addresses (or off campus
>addresses). If that can't be done, putting a firewall-ish box in front of
>the printer is another option. If the printer is on a switched port,
>that's fine. The User Installed Network Equipment Policy allows
>that. But, don't spend too much money doing that. You might be better
>off upgrading the printer so that it can reject connections itself.
>
>BTW, The firewall task force has submitted it's final report. It's on the
>web site for anyone to view.
>
> Thanks,
> Craig
>
>Greg Merritt wrote:
>>At 4:11 PM -0700 10/7/02, Eric Chamberlain wrote:
>>
>>>Another option
>>>would be to put a firewall or router in front of the printer and use it
>>>to filter IP addresses.
>>
>> A little tougher here on campus, where "User installation of a
>> router is strictly not allowed."
>> (http://www.net.berkeley.edu/policy_review/user_installed_netequip.html)
>> Also, there is a firewall task force which is currently charged with
>> looking at UCB firewall policy:
>> http://fwtf.berkeley.edu/
>>-Greg
>
>
>------------------------------------------------------------------------
>The following was automatically added to this message by the list server:
>
>For information about Micronet, including subscribing to
>or unsubscribing from its mailing list and finding out
>about upcoming meetings, please visit the Micronet Web site:
><http://micronet.berkeley.edu/>.
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2b29 : Mon Oct 07 2002 - 18:10:33 PDT