Re: Using a Stand-Alone Network Printer as a network attack entry point?

From: R. DuFresne (dufresneat_private)
Date: Fri Aug 16 2002 - 09:30:04 PDT

Next message: David S. Morgan: "RE: Digital UNIX 5.60 recourses"

Previous message: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
In reply to: Nick Jacobsen: "Using a Stand-Alone Network Printer as a network attack entry point?"
Next in thread: Bernt Lervik: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Most printers in a tcp/ip setting have all the network functionality
enclosed.  I recall years back when I would slip into a UofM printer,
then telnet off that into a printer at Mankato State, and telnet off
that...

So, if you can reach the printer <which, if the network folks know their
stuff, yer not able to get to from the outside, and should be forbidden
to go outside from if you are sitting within the soft-chewy center>, yer
already there <smile>. Jetdirect cards have never been a security
item...why even try to reinvent the wheel?  Unless I'm misunderstanding
you here.

Thanks,

Ron DuFresne

On Thu, 15 Aug 2002, Nick Jacobsen wrote:

> Hi all...
>     I came up with an idea, one that I've never heard discussed, of possibly
> modifying a stand-alone network printer (like most of the high-end office
> printers, hereafter referred to as a "SNP") to act as a full point to point
> proxy, or at least a simple pass through to the port and IP you specify in
> some sort of configuration.  The idea here would be to take a SNP and modify
> a ROM image for the specific printer to include the proxy functionality. I
> realize this could turn out to be quite difficult, but at the same time, it
> would provide a way into the internal network when no others are available.
> Any comments are most DEFINITELY welcome, flames less so, but if it's a
> stupid idea, let me know...
> 
> Nick Jacobsen
> nickat_private
> ethicsat_private
> 
> 
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
> 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: David S. Morgan: "RE: Digital UNIX 5.60 recourses"
Previous message: Brewis, Mark: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
In reply to: Nick Jacobsen: "Using a Stand-Alone Network Printer as a network attack entry point?"
Next in thread: Bernt Lervik: "RE: Using a Stand-Alone Network Printer as a network attack entry point?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 16 2002 - 11:10:10 PDT