Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: printer attacks?
From: doc tarrow <doc.tarrow () gmail com>
Date: Wed, 2 Nov 2011 09:48:45 -0500

On Tue, Nov 1, 2011 at 8:05 AM, <foofus () foofus net> wrote:

Is this stuff for real?


Yes indeed.


Thanks for the link.

Here's the thing. I'm working on an internal team. I've watched this talk,
I've downloaded Praeda and scanned some of our internal nets, and think I
have a general sense of what the future might hold in this area. I keep
coming back to my original question. Is this stuff for real? Am I missing
something, or is the answer to "block port 80." I'm curious, but know I'll
never get a serious answer here, to know if these things are actually being
exploited in the wild. 10 minutes with a search engine searching for
internet-connected printers seems to reveal interesting targets.

Also, whoever deals with these things, please note that pen-test@ seems to
be bustimicated.

<pen-test () lists securityfocus com>: ezmlm-reject: fatal: Sorry, I don't
accept messages of MIME Content-Type 'multipart/alternative' (#5.2.3)

That was received when sending from gmail.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]