How networked printers could be used as FTP servers by hackers

Infosecurity pros know that anything that connects to the Internet can be a security risk unless properly configured. This week they were reminded of that when a security researcher warned that business laser printers with hard drives have to be behind the corporate firewall or risk being used as anonymous FTP servers for hackers.

In particular, he warned administrators with Hewlett-Packard business printers to ensure port 9100 is plugged. Administrators with other networked business printers in their systems have to check the devices’ documentation to see which port is used and has to be secured.

“There are a few free, open source pieces of software that can be used to upload and interact with HP printer hard drives over port 9100,” Chris Vickery said in the blog.   “A hacker can host malicious web pages and scripts on your printer and link it to potential victims. Maybe he needs to host an executable somewhere so it can later be served through a wget request. These printers are wonderful repositories. It doesn’t take much creativity to realize that even highly illegal materials could be stored this way.”

In an interview with SecurityWeek Vickery said a search with the Shodan search engine discovered 21,000 vulnerable HP printers on the Internet.

HP told the site its latest printers include security features such as HP Sure Start BIOS protection, Run-time Intrusion Detection and firmware whitelisting.

It also said the exposure can be prevented either by disabling the PostScript PJL/PS filesystem commands or using the more secure protocol IPPS (Internet Print Protocol over HTTPS) instead of Port 9100.

For more advice see the HP Printing Security Best Practices for HP LaserJet Enterprise Printers and HP Web Jetadmin. HP provides the JetAdvantage Security Manager for policy-based security management and WebJet Admin, a free tool that provides web based configuration for HP printers.

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News