Printer vulnerabilities - is it necessary?

shochanshochan Member Posts: 1,004 ■■■■■■■■□□
Are you disabling your printer protocols nowadays that you don't use? if not, Nessus scans are saying you should.

Apparently, back in Feb 2017 some teenager decided to wake up the security community about how we simply ignore these security settings in our printers. READ

I am having to disable a ton of printer protocols due to vulnerabilities scans recently & OH BOY it's SO fun! <insert sarcasm>

Just curious if you are doing this OR not...OR if you are going to start doing this on your network?

CHEERS & HI5!
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP

Comments

  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    Interesting. Thanks for this, I'll have to read this at work tomorrow and check it out.
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    This is totally unnecessary. Printers do not get attacked, same thing with IoT... oh wait...
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    Here is HP's take on things.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • PC509PC509 Member Posts: 804 ■■■■■■□□□□
    It's a policy of ours for a long time. Only the necessary services run on brings. Every printer goes through our check sheet.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Sure - but start by not having printers on the internet. Yeesh.
  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    well maybe some network printers or scanners...
    Never let your fear decide your fate....
  • rob42rob42 Member Posts: 423
    There's quite an interesting post at https://www.tenable.com/blog called "Rooting a Printer: From Security Bulletin to Remote Code Execution", by Jacob Baines.
    No longer an active member
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?
  • rob42rob42 Member Posts: 423
    About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?


    Yes, you see it too!

    All I can think is that a linux disto was used 'as is'; someting like the mini.iso, for instance. As it's a linux os, it comes with 'nc'. Just lazy I guess...
    No longer an active member
  • mbarrettmbarrett Member Posts: 397 ■■■□□□□□□□
    About this blog post, I find it crazy that netcat is installed on there. Why the hell would that tool be installed on a printer?

    I think this is related to the main concern - someone could use the printer as a pivot for other attacks or scans. Regarding the printer itself, some of the larger ones do have a hard drive, etc. that might hold copies of past print/scan/copy jobs.
  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    I think this is related to the main concern - someone could use the printer as a pivot for other attacks or scans. Regarding the printer itself, some of the larger ones do have a hard drive, etc. that might hold copies of past print/scan/copy jobs.

    It is something I had always test in a pen test. In SMB, I frequently find network printer with default password, and sometime I found sensitive documents on their hard drive... Payroll, password list etc.. :)

    Once, I found a real treasure trove, I found that one employee was stealing information, as he was printing very sensitive document the week before leaving his job. Printer are real snitches :)
Sign In or Register to comment.