You guys are pulling my leg right? How the heck does it infect a printer? I was under the impression that codered and Nimda "infected" windows operating systems. I've heard the volume of traffic created could DOS devices like printers that used HTTP for management. I thought the original poster was either joking or the victim of a practical joke, but after a second post I must be the butt of the joke. ----- Original Message ----- >From: Richard.Grantat_private >To: shafferat_private, incidentsat_private >Subject: RE: Nimda affecting HP LaserJet / JetDirect devices? >Date: Fri, 21 Sep 2001 15:42:07 -0400 > >We have no less than 20 Lexmark printers that were infected. In every case >they did not have up-to-date firmware. This started with Code Red and has >continued with Nimda. There are some notible differences though, Code Red >just started the printers sending out large quantities of packets. The Nimda >infected machines are searching for Web servers. In both cases upgrading the >firmware and restarting the printer has solved the problem. So far we have >not had any of our HP's infected by Nimda as they were by Code Red. This is >what we have found.. > >-----Original Message----- >From: Michael W. Shaffer [mailto:shafferat_private] >Sent: Friday, September 21, 2001 1:36 PM >Subject: Nimda affecting HP LaserJet / JetDirect devices? > >We are starting to get reports here from various users around our >site that our HP network printers are displaying strange messages >such as 'Good Morning', 'Nimda Live', and 'Kill Trees'. Has anyone >else noticed this behavior? Any information on what vulnerability >is being exploited here or whether this is the same Nimda agent as >that propagating across Windows platforms would be greatly >appreciated. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Sep 22 2001 - 11:44:34 PDT