Printers, the forgotten threat.
It seems that in this day and age, people have finally grasped the concepts of why it’s a good idea to patch systems regularly, run an anti-virus application, and have funky network appliances like firewalls and Intrusion Detection Systems. Which is a really great move in the right direction.
One thing that I will never understand though is that people will spend a fortune on new security tools and appliances, adn they’ll forget the basics.
Please people, remember to lock down the items on your network that may seem insignificant to you, as nine out of ten times, they are a foothold for a hacker. A prime example of this would be printers, I have managed to obtain really sensitive information off of printers attached to networks in their default state in the past, and also waste valuable time and company resources.
Here are few of the things that i’ve done on various assignments over the years in regards to printers:
- Modify the default web console pages, and load them up with browser exploits
- Find valuabe documents saved as files on the printers
- Use the printers as zombie hosts for nmap zombie network scans
- Tie up the printer for a day or so printing out the contents of my hard drive
- Waste paper and ink from doing the above
- Leave obscene messages on the console display
- Shut down the printer and fake the logon page to accomplish all of the above
Here’s a pretty useful link for all those with HP printers on their estate as well.
So in going forward, please remember that if it’s attached to your network, it needs to be secured. Most printers these days come with security configuration options, but they have to be enabled, so take the extra 5 minutes to make the world a better place.