RE: Dumping Data From Printers

["Newton, Preston" <cpnewton () eprod com>]

I'm not expert within this area, but here's my 2 cents.


There are several avenues to "dump" print jobs.  One is if you are on
the same LAN segment as the printer you could easily arp poison and
create a mitm scenario with the printer.  So you basically don't need to
dump anything, you just sniff the network traffic and capture all the
print jobs.  The easiest and cheapest way to mitigate this risk is to
have a dedicated printer network, which has network level security to
detect any non-printer MAC Addresses or malicious/unrecognized systems
on that network.  If you network is vlan'd out, this is an easy fix, but
it would take time to coordinate with your printer server admins.  There
is still some risk even with this, which could include a person placing
a hub on the network and masking their systems, such as shutting down a
less used printer and spoofing the MAC Address of that system.  Point
being, any security implementation can be circumvented by a willing
person.

Physical access is always a risk.  What's to keep a person, any person
(employee or not), from ripping the hard-drive or ram out of a printer
and quickly imaging it?  Encryption can solve this, but I have not truly
researched this topic to discover if any corporations offer printer
ram/hd encryption.  I'm sure it's out there, I'd hope the gov't would be
using encryption on their printers.

Some printers actually store documents that can be retrieved later, if
this isn't a glaring security risk I don't know what is.  Hack into the
web interface and retrieve the documents, or just ftp into the printer
and yank the documents out.

We can't think of printers as dumb devices that simple perform data in,
data out.  They are computers in every sense, and as computers they need
to have their own security policies, procedures, and protection
mechanisms.

Quick google search turned this up.  They show some hacks and other
things you can do with HP and Ricohs.
http://www.irongeek.com/i.php?page=security/networkprinterhacking#Stupid
%20Printer%20Tricks

Bruce Schneier had this posted in 2006
http://www.schneier.com/blog/archives/2006/08/printer_securit.html

http://www.governmentsecurity.org/articles/HackingMulti-FunctionalPrinte
rs.php

Nice write-up from computer world (has attack vectors and solutions)
http://www.computerworld.com/action/article.do?command=printArticleBasic
&articleId=277746



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of ahgaber_rehan () yahoo com
Sent: Wednesday, May 07, 2008 1:40 AM
To: pen-test () securityfocus com
Subject: Dumping Data From Printers

I wonder if there is a tool that can enable a person to dump the print
jobs , or data sent to Network Printers?

Another question 

what would be the greatest risk if network admin leave Network printers
without password protected.

i can telnet to the printer, gain access to the configuration file,
which can enable me to stop the printer function, changing network
configuration. 
But istill see the greatest risk is getting the printed data. any one
can advice on this ??

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------