You think people are actually checking that in most places? Also, have you seen the size of documents that today's user in many environments is sending to their networked printers? No one would notice a thing, in between all the bandwidth that is getting consumed by software downloads, streaming media, social networking, etc...
* * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Tue, Nov 29, 2011 at 3:21 PM, Mark Boeck <[email protected]> wrote: > ...but the size of each print job... that much network traffic (on the > outbound wire) would surely be noticed as latency... and that would raise > attention, yes? > > On Tue, Nov 29, 2011 at 12:48 PM, Ziots, Edward <[email protected]>wrote: > >> Honestly, **** >> >> ** ** >> >> I would possibly expect that any network device that takes >> unauthenticated and unsolicited input could be vulnerable to these type of >> attacks. Also give the “less than secure” web interfaces they wrap around >> these printers. **** >> >> ** ** >> >> /Evil hacker hat on. **** >> >> ** ** >> >> Now basically think if the underlying os that the printer is using is >> Nix, and the website is running under root process and you are able to >> XSS/SQLi attack the interface ( fire up metasploit or W3af and have a ball >> trying, or something more crafted with a web fuzz like the burp-suite) and >> gain root, drop your rootkit which sets up a backdoor process that sends a >> copy of each print job out to a remote site ( sure because a lot aren’t >> doing egress filtering of traffic especially from hosts they feel are on >> the “trust” network. **** >> >> ** ** >> >> Now think of all the push to electronic medical records and pdf’s of >> sensitive items that is being pushed by the federal govt as part of >> compliance and meaningful use mandates, and having a copy of this >> information out on the hackers site, its an appetite for easy Identity >> theft and a slew of other issues. **** >> >> ** ** >> >> /Evil Hacker hat off. **** >> >> ** ** >> >> Z**** >> >> ** ** >> >> Edward E. Ziots, CISSP, Security +, Network +**** >> >> Security Engineer**** >> >> Lifespan Organization**** >> >> email:[email protected]**** >> >> phone:401-639-3505 **** >> >> [image: CISSP_logo]**** >> >> ** ** >> >> *From:* MMF [mailto:[email protected]] >> *Sent:* Tuesday, November 29, 2011 12:22 PM >> >> *To:* NT System Admin Issues >> *Subject:* Re: Millions of printers open to devastating hack attack, >> researchers say**** >> >> ** ** >> >> It appears that this affects only Laser Printers according to the >> article. Anyone heard anything further as to inkjet printers not being >> affected? Also, the new E-Print HP printers have their own “email address”, >> so would that have any impact, not to mention wireless printers?**** >> >> **** >> >> Mfree**** >> >> **** >> >> *From:* Mike Sullivan <[email protected]> **** >> >> *Sent:* Tuesday, November 29, 2011 10:36 AM**** >> >> *To:* NT System Admin Issues <[email protected]> **** >> >> *Subject:* Millions of printers open to devastating hack attack, >> researchers say**** >> >> **** >> >> This sounds like it could be a nightmare if all printer models are >> affected. **** >> >> **** >> >> >> http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say >> **** >> >> **** >> >> -- **** >> >> Thank you,**** >> >> Mike Sullivan >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<image002.jpg>>
