AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > Data Security

Data Security Viruses, Firewalls and Safe computing


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 24th January, 2006, 06:28 AM
robbie's Avatar
AOA Staff
 
Join Date: November 2001
Location: Out in the desert of Ca.
Posts: 12,548
Send a message via AIM to robbie Send a message via MSN to robbie Send a message via Yahoo to robbie Send a message via Skype™ to robbie

Your printer can harm you

I pulled this over from copiertalk.com

News Story by Robert L. Scheier

JANUARY 23, 2006 (COMPUTERWORLD) - That innocent-looking printer in the corner might be gunning for you.

Because many printers and copiers have a processor, storage, an operating system and a network connection, they're as capable as a PC of launching an attack, says Mike Hawkins, associate director of networking at the University of North Carolina at Chapel Hill. Hawkins says he has seen "many, many" printers on campus used to store and download files or "used to launch attacks against other computers."

"We've found almost countless examples of where the compromise of an office productivity system, such as a printer or copier or fax, [is] used for illicit purposes," says John Rose, chief technology officer at network security vendor Enterasys Networks in Andover, Mass.

Preventing such attacks requires the same controls and monitoring as are used for PCs or servers. While copiers have inherently weak authentication, says Rose, strict policies limiting the bandwidth they can access and the network protocols they can use make them operate a less like PCs and thus a less attractive target. Other options include "placing them in a protected [virtual LAN] or behind a network gateway," says Burton Group analyst Diana Kelley.

Whatever you do, don't assume that a good printer can't go bad.



Note: MOST of the OS's that run the controllers are Linux OS's. At least the one's that I deal with.
__________________
Taking each day as it comes
Grow, learn and OVERCLOCK. Need help?? Ask me.
Your Mommy!! (Aug/02) Welcome to the fold.
Buy it, Sell it, or Trade it in the AoA classifieds!!
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 24th January, 2006, 09:42 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Lets see, a good multipurpose device usually has a fair bit of processing power, a nice backing store and good network connectivity. For those involved in IT security, it's been well known for many years that printers (and especially multipurposes devices) are not that secure. However, I've yet to come across a printer actively launch an attack. On the other hand, I have seen people 'borrow' the IP address that a printer uses to make it difficult to trace them.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).

Last edited by Áedán; 24th January, 2006 at 09:51 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 24th January, 2006, 09:53 AM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Front page Robbie!

http://www.aoaforums.com/frontpage/index.php
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 24th January, 2006, 03:40 PM
robbie's Avatar
AOA Staff
 
Join Date: November 2001
Location: Out in the desert of Ca.
Posts: 12,548
Send a message via AIM to robbie Send a message via MSN to robbie Send a message via Yahoo to robbie Send a message via Skype™ to robbie

Quote:
Originally Posted by Áedán
On the other hand, I have seen people 'borrow' the IP address that a printer uses to make it difficult to trace them.

Guilty as charged!!!
__________________
Taking each day as it comes
Grow, learn and OVERCLOCK. Need help?? Ask me.
Your Mommy!! (Aug/02) Welcome to the fold.
Buy it, Sell it, or Trade it in the AoA classifieds!!
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 24th January, 2006, 06:54 PM
cloasters's Avatar
Asst. BBS Administrator
 
Join Date: September 2001
Location: Location, Location
Posts: 21,956

Fer Christ's sake, pretty soon your digital watch will be used to launch dDOS attacks. And the gummint will say "guilty!" when you had no idea. This steams my rutabagas.
__________________
When the world will be better.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 24th January, 2006, 07:36 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Something seems to be taking on a shape of it's own in all of this. Something about character formation and cultural vulnerabilities to those we have raised and educated improperly.

That guy we all hate, the weired ass one download loading bits of malicious code... We may be getting very near the point when using force to stop him no longer avails as there are way to many "Hims" and they are way to unhappy with their lives and their default place in life to back away under the little threat we can bring to bear.

At some point if we want these things, we may have to make sure almost everyone has them and is invested in having them work properly.

It seems to me that for that to happen, we may have to go back and invest in every child we left behind.

Can we really expect to find better moral values on the internet than we elect to govern us?
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 30th January, 2006, 03:37 AM
Member
 
Join Date: January 2006
Posts: 2

When I was on placement as part of my degree, I tried telnetting to our HP laserjet's jetdirect cards - needless to say my boss hadn't put passwords on them, but he'd probably have thought I was up to mischief if I pointed this out to him
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Congress: P2P networks harm national security Daniel ~ GAMES! OH YEAH! 9 26th July, 2007 07:25 PM
Photo Printer? Uncle Bob General Hardware Discussion 7 2nd May, 2003 06:14 AM
Printer Problem Dsherm112 Graphics and Sound cards; Speakers and other Peripherals 10 15th October, 2002 02:29 AM
Robbie- printer q' The Spyder General Hardware Discussion 3 21st May, 2002 04:40 AM
Thats IT!! I need a new Printer!!! The Spyder General Hardware Discussion 14 20th April, 2002 07:57 PM


All times are GMT +1. The time now is 11:36 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0