Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Multifunction devices

Multifunction devices

From: Edwards, David (JTS) <Edwards.Dave_at_saugov.sa.gov.au>
Date: Fri, 3 May 2002 11:01:30 +0930

Hi,

I've been asked to look at the security of multifunction devices such as the
new RICOH and HP models that combine printer/fax/scanner/copier etc.. They
seem to be moving from the SOHO environment onto the corporate networks and
there obviously a risk to assess.

So far I've been unable to find any incidents regarding these devices. They
seem to include a complete tcp/ip stack, many have internal hard disks, and
they often offer many network services such as ftp, telnet, snmp, http and
even e-mail, which probably only pay lip service to security given their
focus on functionality.

Has anyone got any war stories about these types of machines or information
about the source of the embedded systems?

ciao
dave 

---
Dave Edwards 
Justice Technology Services
Ph: +61 8 82265426 || 0408 808355 
mailto: edwards.dave_at_saugov.sa.gov.au
Snail : Justice Technology Division 
        GPO Box 2048, Adelaide 5001
---
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on May 05 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]