Search



AuthenticationWorld.Com

About

This page contains a single entry from the blog posted on January 25, 2007 4:17 PM.

The previous post in this blog was Three more reasons for a layered identity defense.

The next post in this blog is Bad news brewing up a wicked storm.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]

« Three more reasons for a layered identity defense | Main | Bad news brewing up a wicked storm »

Authenticating Printers - Hacking printers as a stepping off point into the enterprise

The use of printers as an entry point or stepping off point for hackers into the enterprise has been documented for some time. However, enterprises need to be more aware of the security threat from printers.

Brendan O'Connor, at the Black Hat conference last summer, demonstrated how to hack into an enterprise by using the Xerox WorkCenter.

In a recent Computerworld article, Deb Radcliff outlines O'Connor's hacks and then expanded on the theme of hacking printers. As she points out O'Connor used printers to do "password-catching, password-snarfing (changing passwords), hijacking functions, grabbing print jobs and playing with a billing program." She additionally points out "Symantec logged 12 new security vulnerabilities for five network printer brands: Brother, Canon, Epson, Fujitsu, Hewlett-Packard, Lexmark and Xerox. Twelve may seem like an insignificant number, but keep in mind that it’s greater than the number of printer-specific vulnerabilities found in 2005 (10). And the number of such vulnerabilities found in the past two years account for nearly half of all printer vulnerabilities identified since 1997 (52). This means we’re in the preattack stage with printers, says Chris Wysopal, former director of research and development at @Stake Inc., a security vulnerability assessment firm that was acquired by Symantec."

Adrian Crenshaw wrote an excellent article in early 2006 "Hacking Network Printers" in which he gives step by step examples of how to hack printers.

Bottom line: Printers are rising up the list of attack vectors chosen by criminals.

All of this boils down to the following:
1. Make sure that general use printers have the default authentication passwords changed.
2. Make sure that high sensitivity printers use stronger authentication.
3. Ensure that all non-required services are shut off in printers.
4. Keep up to date with patch implementations from printers.
5. Configure your internal detection systems to watch printers for unlikely behavior.

Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com

Posted by Guy Huntington on January 25, 2007 4:17 PM |

TrackBack

TrackBack URL for this entry:
http://www.authenticationworld.com/cgi-bin/blog/mt-tb.cgi/74

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)