Hi, On 20.05.2017 17:55, Daniel Feenberg wrote: > Our HP LaserJet printers will print 10-30 pages of unintelligible text > when scanned. I have turned off ftp and ipp and the only vulnerability > reported is for TCP timestamps. I can see on the net that other people > have solved this by excluding printers from the scan, but I would prefer > to scan the entire subnet and perhaps just exclude the offending test. > If I exclude the printers, there is a possibility that a non-printer > will also be excluded by mistake. Does anyone know which tests to > exclude? I could possibly turn off some other print protocols if I knew > which.
excluding single plugins / NVT won't work here as every NVT sending some data to the PJL / Raw printing ports will cause your printer to print out the data sent to it. To avoid this have a look at the settings of the following NVT: Do not print on AppSocket and socketAPI printers (OID: 1.3.6.1.4.1.25623.1.0.12241) which excludes some common known ports if a printer was detected. Depending on your printer you might need to add / update the ports to exclude in that NVT. It could be also possible that this NVT is not detecting your printer at all. Then we could update it to detect it, for this every info like: - Printer type - HTTP banner - HTML code of the start page etc. could help. > Also, is there an index to the archive of this group somewhere? Yes, there is an archive available here: https://lists.wald.intevation.org/pipermail/openvas-discuss/ > > Thanks > dan feenberg > NBER Regards, -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
