Printers don't normally have a programming interface to run its own code...
...spoolers do though.
The Metropolitan Police Service is investigating the cause of a "major network issue" that has prevented staff using some IT services for almost two weeks. A Met spokesman confirmed the problem was first identified on 9 June, but insisted no critical systems had been downed by the incident. "As a result of a major network …
...spoolers do though.
My HP PSC woke up on Saturday and asked if it could download an update from HP. Spooky, as I thought it was just a printer.
Many current multifunction devices (copy/scan/print) of the type used for departments, run on a windows embedded machine. ie a PC running (generally) windows XP. So nobody has come across any potential windows XP embedded problems ????
That should fix it!
Most have a web interface, could be leveraged to customize the underlying OS and use as a tunnel into the rest of the network, so I read somewhere ..
I find it odd how they don't think a printer is capable of running programs, most have at least half ghz of processing power with at least 64mb of ram.
Idlescan. The average printer IP stack is completely sequential, therefore if you can route to one and connect to it, then spoof a packet from it to a host abusing the trusted relationship network admins establish with printers, then re-connect the print server, you can see if the host responded to its trusted friendly printer by looking at the pid of the packet. Theres no emphasis on bringing it into current random packet pid's because, well, its just a printer right? wrong...
You can map out entire network topologies with ease using this technique. nmap even has it as a scan mode , nmap -sI on the latest versions.
Fyodor as usual has a great write up of it :-
Er, postscript is a programming language...
Of course, I'm sure it's totally isolated from the parts with a network connection.. right?
Perhaps a printer got damaged when it fell down the stairs, skipper?
I know LulzSec were claiming responsibility for taking down SOCA - could this be related?
Trollface for the obvious reasons.
My wife works for the Met. Every single system she uses has been down since the middle of last week. From what she was saying before Everything Went Dark, Conficker sounds like the culprit - which, if true, would absolutely boggle the mind. I know <Insert Big Useless Inefficient Public Service here> are lax when it comes to running Windoze Updates, but come on - Conficker? It's one bleeding patch for God's sake, has been responsible for mass infections in dozens of so-called 'secure' environments in the past two years and has been about as publicised as Slammer was.
How much do they pay their outsourced IT provider? Sorry - should I say how much do WE pay their outsourced IT provider.
Biting the hand that feeds IT © 1998–2017