RE: Securing Printers

["David Gillett" <gillettdavid () fhda edu>]

  Many network printers these days seem to offer unsecured (and
perhaps even unsecurable!) web and ftp servers as part of their 
function.  These are services that get probed and attacked regularly.
Printers should be blocked from Internet access, at least -- and if
you're doing that, why waste a public IP address on them?  In most
organizations, public IP addresses are a precious resource.

David Gillett



> -----Original Message-----
> From: Bryce Embry [mailto:embryb () k12tn net]
> Sent: Monday, November 15, 2004 9:19 AM
> To: sec-basic list
> Subject: Securing Printers
>
>
> Howdy,
>
> A recent thread on BugTraq, along with some discussions with my 
> colleagues, has me curious about printer security.  What dangers are 
> there in giving a printer a public IP address?
>
> To me, a printer with a public IP sounds utterly foolish, but I'm not 
> doing a very good job of making this point with my colleagues.  They 
> usually respond with the question "Why would anyone want to print 
> something to a printer they can't even find?".  My answers 
> (usually "Why 
> not?" or "it's a system running an OS that is subject to 
> exploitation") 
>   don't seem to be very convincing, especially since I can't 
> produce any 
> known exploits.  I would appreciate any arguments and reasoning that 
> would carry more weight, or enlightenment to help me stop being so 
> paranoid.
>
> Thanks,
>
> Bryce