It's Not Exciting, but Neglecting Printer Security is Dangerous

Carl Weinschenk

The growing number of networked printers scattered like confetti across an organization periodically get the attention of IT staffs.

 

This is one of those times. The Register says that a new exploit, Cross Site Printing for Spamming, relies on the port printers use -- port 9100 -- that generally is open and lightly protected. If a hacker uncovers the printer's IP address, he or she can do a good deal of mischief, such as causing the printer to "spew out garbage," send out fax messages, reformat a printer's hard drive or download malicious code, the story says.

 

The response is fairly simple: IT departments should keep printers secure. The challenge is keeping up with this decidedly unglamorous part of the security task.

 

This eWeek slide show provides 20 tips on securing printers, many of which have applications elsewhere. The steps: Overwrite the hard drive when getting rid of the machine; overwrite data immediately after printing; print from memory to avoid the hard drive; and secure the printer with passwords, cards and biometrics. The slide show also suggests securing non-printing functions of the printer and being careful with e-mail and fax functions.

 

Printer viruses, an executive from NetVigilance is quoted as saying at ITWorld, are designed keep their anonymity by infecting other systems without weakening the host. In some cases, printers with hard drives have been hacked to hold illegal content. For this reason, it is important to properly delete data on printer hard drives before getting rid of the device. Security plans, the story says, should include information on printer safety.


 

Printer companies are taking note. Sharp has installed "change control" software from Solidcore Systems on its MX Seriers printers and multifunction peripherals running on Windows XP Embedded, according to Dark Reading. The software stops unauthorized code, prevents configuration changes and can serve as the basis for antivirus and other security software. Solidcore says that it is in discussions with other printer vendors.

 

Another vendor that is paying attention is HP. Last autumn, the company introduced Secure Print Advantage. The technology is designed to make sure that the authorized person gets printed materials and guards against malware, according to this PC Advisor story. The piece says that the system encrypts print documents and authenticates users. In other words, it does what security experts claim is necessary -- it raises printer security to the level generally accorded to other network elements. The system, the story says, uses smartcards, the Lightweight Directory Access Protocol (LDAP), the Advanced Encryption Standard (AES) and security protocols and standards others.

 

This piece at hdx3fd is a bit technical -- not surprising considering the name of the site -- and comes to the same conclusion as many others: Printers are not adequately secured. The writer proved this by testing with his own printer, which is a Brother. The machine was easily accessible from four access points and not protected by MAC filtering. It was easy to catch passwords, the writer says.

 

Just about all businesses, from enterprises to Mom and Pop shops, tend to have more printers than they need. This is unfortunate, since they are a latent threat with which security forces must grapple. If they don't, it only is a matter of time before the organizations for which they work pay a heavy price.



Add Comment      Leave a comment on this blog post
Jan 15, 2008 3:49 AM Aaron Weaver Aaron Weaver  says:
Securing printers defintely should be done, but there is a bigger issue in the browser. Should a public internet site be allowed to direct a browser to post or access an intranet resource? Simply blocking the port is a short term solution. A better approach may be to designate intranet/internet zones like they have in IE, but warn you if an internet site is accessing internal resources. Reply
Jun 12, 2008 2:57 AM jez jez  says:
hey,thanks for the notion, much appreciated!however you got my domain wrong, it is hdx3fd, but h4x3d; sorry for the confusion! Reply
Nov 24, 2008 5:42 AM Visual guard for Oracle Visual guard for Oracle  says:
Definitely steps should be taken for the Security of Printer. Internet Site should be not access the internal resources... Reply
Aug 22, 2009 11:37 AM Epson Cartridges Epson Cartridges  says:

Security with our printers is a must. We must prevent  unsecured sites from getting access to internal resources.

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.