Computing at Cornell: Security Banner
Securing Networked Printers

Printers are often not recognized as potential security exposures, yet they can be exploited for denial-of-service attacks or other malicious activities. Administrators should realize that modern networked printers must be configured like any other networked system before they are installed on a network. For example, administrative telnet access to most HP JetDirect networked printers is not password protected by default. SNMP, FTP and HTTP access have similar vulnerabilities. Below are some resources to assist in configuring printers. The focus is on HP JetDirect networked printers since they are the most ubiquitous. This does not imply that other printers (networked printer cards) are secure; they should be investigated as well.

From HP support:

"Consumers of HP software and hardware products regularly approach HP support providers for information regarding security issues. This document will attempt to address security issues related to HP Jetdirect print servers, which are among the wide range of communication products that fall within data security scope. This document describes how to restrict the unauthorized use of HP Jetdirect configuration utilities and the unauthorized access of Jetdirect connected printers through a network so that not all users can print to them, configure them, or have access to them. This document will not address infrastructure, user/domain authentication, and OS specific security issues."
The full article can be found at:
http://h20015.www2.hp.com/hub_search/document.jhtml?lc=en&docName=bpj05999

From Internet Security Systems:

"This advisory covers a number of miscellaneous issues regarding HP JetDirect printer interface cards and print servers of various vintage. HP has addressed many of these issues in newer JetDirect print server products (Fall 98). More information about newer products and upgrades is available from HP contact representatives."
The full article can be found at:
http://xforce.iss.net/alerts/advise15.php

From SecuriTeam:

"HP Jetdirect supports incoming FTP connections. The FTP server which is built into the product contains a security vulnerability that allows a remote attacker to cause a Denial of Service attack against the printer."
The full article can be found at:
http://www.securiteam.com/securitynews/5DP0C2K20O.html



Last modified: June 04, 2007
Comments about this web page: cit_pubs@cornell.edu