|
-
August 6th, 2003, 05:22 AM
#11
I can only imagine the pandimonium that would occur. LOL.
"Hunny what happened to the coffee maker?"
"Nothing just another hacker got into it." LOL
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
August 6th, 2003, 05:23 AM
#12
Junior Member
Wow, I have seen quite a few odd things, but I have never seen or heard of a printer DoS'ing a computer. That is quite interesting. Now everyone has to start putting permissions on printers that deny connections, not only print jobs now; before it was sufficient to just limit printing to local subnets, now it looks like we will have to have dedicated boxes for printers after all, just set iptables to drop all packets that don't come from LAN IP's.
-
August 6th, 2003, 03:51 PM
#13
Interesting, this coincides with a conversation I had just this week with a friend who is using a printer as a honeypot.
I have always locked down my printers because they ALL have web servers and since it's a web server I have always thought... hmmm. And even the older ones you could telnet to. This is one of the most interesting articles I have read in a long time. 
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
August 6th, 2003, 05:27 PM
#14
Yep, and to take this a step farther (I love doing that ), you can actually ftp to HP print servers and upload *tons* of garbage to the print server rendering it useless. Today you find HP jet direct print servers with a Webserver, FTP service and Telnet service. All are wide open out of the box and the great thing about HP is they give you the Jet Admin software, which, you guessed it, out of the box is wide open. This means that you can down printing services enterprise-wide in minutes if you don't take the necessary steps to lock down a print server.
One more side note: When I started at my current position, I found print servers (i.e. Jet Direct Print Servers) used as mini WAREZ servers. They have enough space to house toolz and other nasty business.
Keep your eyes on other internal hardware in the months to come. You'll see an increase in attacks on devices that admins typically don't think about.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
August 6th, 2003, 05:59 PM
#15
I find it amazing and interesting that an entire network was compromised by a single model set of HP printers. Sure there were other issues, but the system was compromised based on accessing a printer and then re-compromised later by the same doorway.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
