Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Using a Stand-Alone Network Printer as a network attack entry point?
From: "Ofir Arkin" <ofir () sys-security com>
Date: Fri, 16 Aug 2002 17:37:29 +0100

Nick, and all

Any network device is a potential caveat for network security.

Printers were and still are a very good network device to be subverted.

Not only by taking full control and installing new software but as well
as a tool to reproduce your CEO's personal letters or just send them
elsewhere (hint, hint)... 

As I noted, this is not a new idea but it is still a nice one :)

There are several nice ideas' that are similar, you should check out the
following talks given at BH USA 2002 (presentations are available from:
http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html): 

- DC Phone Home, Higbee & Davis 
- Attacking Networked Embedded Systems, FX and kim0

Hope this helps

Ofir Arkin [ofir () sys-security com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA  

-----Original Message-----
From: Nick Jacobsen [mailto:nick () ethicsdesign com] 
Sent: 16 August 2002 05:20
To: pen-test () securityfocus com
Subject: Using a Stand-Alone Network Printer as a network attack entry
point?

Hi all...
    I came up with an idea, one that I've never heard discussed, of
possibly
modifying a stand-alone network printer (like most of the high-end
office
printers, hereafter referred to as a "SNP") to act as a full point to
point
proxy, or at least a simple pass through to the port and IP you specify
in
some sort of configuration.  The idea here would be to take a SNP and
modify
a ROM image for the specific printer to include the proxy functionality.
I
realize this could turn out to be quite difficult, but at the same time,
it
would provide a way into the internal network when no others are
available.
Any comments are most DEFINITELY welcome, flames less so, but if it's a
stupid idea, let me know...

Nick Jacobsen
nick () ethicsdesign com
ethics () netzero net


------------------------------------------------------------------------
----
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault