Thanks, Francis... Looks like 750DP and 930 printers should be added to the list of printers that exibit this vuln. Unfortunately, your fix doesn't always work with printers. We've noticed on most printers, a blank gateway means "find out the gateway yourself." Most printers will utilize RIP, or worse, will just choose a gateway (i.e. 10.0.0.1 for network 10.0.0.0) of its own. We've seen tektronix printers do this as well as hp printers. We've suggested setting the default gateway as the IP address of the printer, and this usually limits the vulnerability, but not always. Best is to put it behind the corporate firewall or restrict it in other ways. Francis Favorini <francis.favoriniat_private> wrote: <snip> > I suggest not setting a default gateway for the printer's IP > configuration. > This should limit the vulnerability to your own subnet.
This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 17:51:06 PDT