Printer vulnerabilities - is it necessary?
Are you disabling your printer protocols nowadays that you don't use? if not, Nessus scans are saying you should.
Apparently, back in Feb 2017 some teenager decided to wake up the security community about how we simply ignore these security settings in our printers. READ
I am having to disable a ton of printer protocols due to vulnerabilities scans recently & OH BOY it's SO fun! <insert sarcasm>
Just curious if you are doing this OR not...OR if you are going to start doing this on your network?
CHEERS & HI5!
Apparently, back in Feb 2017 some teenager decided to wake up the security community about how we simply ignore these security settings in our printers. READ
I am having to disable a ton of printer protocols due to vulnerabilities scans recently & OH BOY it's SO fun! <insert sarcasm>
Just curious if you are doing this OR not...OR if you are going to start doing this on your network?
CHEERS & HI5!
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
Comments
-
Phalanx Member Posts: 331 ■■■□□□□□□□Interesting. Thanks for this, I'll have to read this at work tomorrow and check it out.Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
cyberguypr Mod Posts: 6,928 ModThis is totally unnecessary. Printers do not get attacked, same thing with IoT... oh wait...
-
Ertaz Member Posts: 934 ■■■■■□□□□□Sore subject here. Great place to lose PCI account data. https://www.tenable.com/blog/rooting-a-printer-from-security-bulletin-to-remote-code-execution
-
stryder144 Member Posts: 1,684 ■■■■■■■■□□Here is HP's take on things.The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
PC509 Member Posts: 804 ■■■■■■□□□□It's a policy of ours for a long time. Only the necessary services run on brings. Every printer goes through our check sheet.
-
YFZblu Member Posts: 1,462 ■■■■■■■■□□Sure - but start by not having printers on the internet. Yeesh.
-
scaredoftests Mod Posts: 2,780 Modwell maybe some network printers or scanners...Never let your fear decide your fate....
-
rob42 Member Posts: 423There's quite an interesting post at https://www.tenable.com/blog called "Rooting a Printer: From Security Bulletin to Remote Code Execution", by Jacob Baines.No longer an active member
-
JasminLandry Member Posts: 601 ■■■□□□□□□□About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?
-
rob42 Member Posts: 423JasminLandry wrote: »About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?
Yes, you see it too!
All I can think is that a linux disto was used 'as is'; someting like the mini.iso, for instance. As it's a linux os, it comes with 'nc'. Just lazy I guess...No longer an active member -
mbarrett Member Posts: 397 ■■■□□□□□□□JasminLandry wrote: »About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?
I think this is related to the main concern - someone could use the printer as a pivot for other attacks or scans. Regarding the printer itself, some of the larger ones do have a hard drive, etc. that might hold copies of past print/scan/copy jobs. -
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□I think this is related to the main concern - someone could use the printer as a pivot for other attacks or scans. Regarding the printer itself, some of the larger ones do have a hard drive, etc. that might hold copies of past print/scan/copy jobs.
It is something I had always test in a pen test. In SMB, I frequently find network printer with default password, and sometime I found sensitive documents on their hard drive... Payroll, password list etc..
Once, I found a real treasure trove, I found that one employee was stealing information, as he was printing very sensitive document the week before leaving his job. Printer are real snitches