I certainly agree there is a problem with printer security across the
campus.

In my view, the problem is not a result of lack of information about
subnets, vulnerabilities and/or attack vectors. We can (and already do)
bury the campus in this kind of information.

I would be interested in continuing the conversation and offering my view
of why something like printer security continues to be a problem, and this
might be a good opportunity to discuss this year's funding proposal for
information security. However, we should move this discussion off of
micronet. Micronet is very public. (The likely culprit behind this latest
wave of printer spamming has already posted this micronet threat in his
twitter feed, for example.) If you are not a member of UCB-security,
perhaps join there first, and we can continue the discussion there?

https://security.berkeley.edu/resources/mailing-lists-workgroups/ucb-security-mailing-list

Paul


On Fri, Mar 25, 2016 at 8:27 AM, Alex Warren <alex.war...@berkeley.edu>
wrote:

> Paul,
>
>
>
> I actually think what this shows is the lack of security people put into
> setting up their network printers.  Hopefully this isn’t a symptom of a
> larger problem that people have with hardening their systems/peripherals to
> prevent unauthorized use.  Campus should really invest in a product that
> can map the network and show us all our subnets and all attack vectors for
> every machine on campus.
>
>
>
> Alex Warren
>
> CED IIT
>
> University of California, Berkeley
>
> 485 Wurster Hall
>
> Berkeley, CA 94720
>
> (510) 295-5714
>
>
>
> *From:* micronet-list-boun...@lists.berkeley.edu [mailto:
> micronet-list-boun...@lists.berkeley.edu] *On Behalf Of *Paul Rivers
> *Sent:* Thursday, March 24, 2016 1:09 PM
> *To:* Allison Henry <akhe...@security.berkeley.edu>
> *Cc:* Micronet List <micronet-list@lists.berkeley.edu>; Keenan Parmelee <
> keenanp...@berkeley.edu>
> *Subject:* Re: [Micronet] Neo-Nazi Printer Spam
>
>
>
>
>
> Yep, what Allison said. Berkeley wants to be #1 in many areas, but being
> #1 in printers listed as listening on the public internet as reported by
> shodan shouldn't be one of those areas.
>
> Paul
>
>
>
> On Thu, Mar 24, 2016 at 8:05 PM, Allison Henry <
> akhe...@security.berkeley.edu> wrote:
>
>
> Hi Micronetters, please do take a look at the best practices page and
> put measures in place to restrict access to printers from the public
> internet. The article indicates some methods you can use to accomplish
> this, and if you still have questions you can contact
> secur...@berkeley.edu for help.
>
> If you receive abusive or unwanted messages on printers/MFPs, and you
> have access to logs indicating the timestamp and IP address responsible
> for the print job, please send to secur...@berkeley.edu. Thanks all,
>
> - Allison Henry
>
> On 3/24/16 11:43 AM, Keenan Parmelee wrote:
> > ISP has some general guidelines
> > here:
> https://security.berkeley.edu/resources/best-practices-how-articles/network-printer-security-best-practices
> >
> > In general, restricting FTP and Telnet as well as enabling ACLs or IP
> > ranges is the best approach.  If you have a print server, you can go
> > even further and restrict printing to only the Print Server IP address.
> > Otherwise, campus IP ranges at a minimum but that still might result in
> > some spam from others on campus.
> >
> > ---
> > Keenan Parmelee
> > Technical Services Manager
> > Student Affairs Information Technologies
> > http://rescomp.berkeley.edu
> >
> > On Thu, Mar 24, 2016 at 11:40 AM, Beth Muramoto <bmura...@berkeley.edu
> > <mailto:bmura...@berkeley.edu>> wrote:
> >
> >     John,
> >
> >     A user here received the same message. I tried to employ disabling
> >     Telnet and FTP which worked on the other printers; features that
> >     were discussed back during the holidays when printers campus wide
> >     were being "attacked", but for some reason the IPs for these
> >     printers (HP Laserjet 400) didn't allow it. If you haven't disabled
> >     Telnet and FTP, I would do that to see if that will stop future
> attacks.
> >
> >     Beth
> >
> >     On Thu, Mar 24, 2016 at 11:33 AM, John McChesney-Young
> >     <jmccyo...@berkeley.edu <mailto:jmccyo...@berkeley.edu>> wrote:
> >
> >         This morning I found a flyer from the Neo-Nazi site _The Daily
> >         Stormer_ in our printer's output tray:
> >
> >         https://en.wikipedia.org/wiki/The_Daily_Stormer
> >
> >         Have others on campus been getting anything similar or was it
> just
> >         sent to our printer's IP address randomly? This is only the
> second
> >         time in 4 years I'm aware of our getting printer spam so the
> >         volume is
> >         clearly not a major problem, but given the nature of it is there
> >         anyone to whom it should be reported?
> >
> >         Thanks!
> >
> >         John
> >
> >         --
> >         John McChesney-Young, Administrative Assistant
> >         History of Art Department, 416 Doe MC6020
> >         U. C. Berkeley, Berkeley CA 94720-6020
> >         jmccyo...@berkeley.edu <mailto:jmccyo...@berkeley.edu> // voice
> >         1-510-642-5511 <tel:1-510-642-5511> // fax 1-510-643-2185
> >         <tel:1-510-643-2185>
> >
> >
> >
>  -------------------------------------------------------------------------
> >         The following was automatically added to this message by the
> >         list server:
> >
> >         To learn more about Micronet, including how to subscribe to or
> >         unsubscribe from its mailing list and how to find out about
> >         upcoming meetings, please visit the Micronet Web site:
> >
> >         http://micronet.berkeley.edu
> >
> >         Messages you send to this mailing list are public and
> >         world-viewable, and the list's archives can be browsed and
> >         searched on the Internet.  This means these messages can be
> >         viewed by (among others) your bosses, prospective employers, and
> >         people who have known you in the past.
> >
> >         ANNOUNCEMENTS: To send announcements to the Micronet list,
> >         please use the micronet-annou...@lists.berkeley.edu
> >         <mailto:micronet-annou...@lists.berkeley.edu> list.
> >
> >
> >
> >
> >     --
> >     ***********************************************
> >     Beth Muramoto
> >     Computer Resource Specialist
> >     Graduate School of Education
> >     University of California, Berkeley
> >     1650 Tolman Hall
> >     Berkeley, CA 94720
> >     Email:  mailto:bmura...@berkeley.edu <mailto:bmura...@berkeley.edu>
> >     Phone:  (510) 643-0203 <tel:%28510%29%20643-0203
> <%28510%29%20643-0203>>
> >     Fax:  (510) 643-6239 <tel:%28510%29%20643-6239
> <%28510%29%20643-6239>>
>
> >
> >     “Finish each day and be done with it. You have done what you could.
> >     Some blunders and absurdities have crept in – forget them as soon as
> >     you can. Tomorrow is a new day. You shall begin it serenely and with
> >     too high a spirit to be encumbered with your old nonsense.”
> >                                 -Emerson
> >
> >     This is the essence of forgiveness. You can't change what happened
> >     but you can make sure it doesn't have the power to prevent you from
> >     being happy tomorrow.
> >
> >                                  -Paul Boese
> >
> >     “Kind words do not cost much yet they accomplish much.”
> >
> >                                 -Blaise Pascal
> >
> >
> >     ***********************************************
> >
> >
> >
> >
>  -------------------------------------------------------------------------
> >     The following was automatically added to this message by the list
> >     server:
> >
> >     To learn more about Micronet, including how to subscribe to or
> >     unsubscribe from its mailing list and how to find out about upcoming
> >     meetings, please visit the Micronet Web site:
> >
> >     http://micronet.berkeley.edu
> >
> >     Messages you send to this mailing list are public and
> >     world-viewable, and the list's archives can be browsed and searched
> >     on the Internet.  This means these messages can be viewed by (among
> >     others) your bosses, prospective employers, and people who have
> >     known you in the past.
> >
> >     ANNOUNCEMENTS: To send announcements to the Micronet list, please
> >     use the micronet-annou...@lists.berkeley.edu
>
> >     <mailto:micronet-annou...@lists.berkeley.edu> list.
>
> >
> >
> >
> >
> >
> > -------------------------------------------------------------------------
> > The following was automatically added to this message by the list server:
> >
> > To learn more about Micronet, including how to subscribe to or
> unsubscribe from its mailing list and how to find out about upcoming
> meetings, please visit the Micronet Web site:
> >
> > http://micronet.berkeley.edu
> >
> > Messages you send to this mailing list are public and world-viewable,
> and the list's archives can be browsed and searched on the Internet.  This
> means these messages can be viewed by (among others) your bosses,
> prospective employers, and people who have known you in the past.
> >
> > ANNOUNCEMENTS: To send announcements to the Micronet list, please use
> the micronet-annou...@lists.berkeley.edu list.
> >
>
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe
> from its mailing list and how to find out about upcoming meetings, please
> visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and
> the list's archives can be browsed and searched on the Internet.  This
> means these messages can be viewed by (among others) your bosses,
> prospective employers, and people who have known you in the past.
>
> ANNOUNCEMENTS: To send announcements to the Micronet list, please use the
> micronet-annou...@lists.berkeley.edu list.
>
>
>
 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from 
its mailing list and how to find out about upcoming meetings, please visit the 
Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the 
list's archives can be browsed and searched on the Internet.  This means these 
messages can be viewed by (among others) your bosses, prospective employers, 
and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the 
micronet-annou...@lists.berkeley.edu list.

Reply via email to