Saturday, January 22, 2011

【 Weak current College 】 network printer common attack method 】

Network printer is small and medium-sized organizations reduce printer maintenance purchase cost, equipment usage scenario (network printer here refers not to a single printer print server), but as one of the devices on the network, it security is often neglected by the administrator, the administrator only attach importance to the printer is connected properly, the supplies are complete, but didn't realize it could become the target of the attack: the following attacks may occur in the network printer is configured with a public IP (or intranet ip) 1, printing supplies exhausted attack (J0ker own name!) this should be considered a denial of service, the attacker uses the default administrative password login, add it to the printer on a lot of useless printing tasks, exhaustion of printer supplies — the user cannot print 2, print log read attacker after landing can read network users to use the printer, and figure out how often users use printers, network activity on a case-by-message 3, printer configuration changes to a malicious attacker, the simplest method of destruction is the printer configuration completely mess, then login passwords to long and complex passwords, HA HA, most administrators will be helpless now springboard attack 4, printers are high-end network printer using the embedded operating system for controlling Lniux, if you use the default password to login, it may become an attacker from the external network to the intranet of the springboard if network printer changed administrator password, you will: 1, DDoS attacks on most didn't do it security defense network devices are very effective 2-in-the-middle attack is theoretically possible through ARP Spoofing to network users to send to the network printer's content to send to an attacker-controlled machine, record and then to the real network printer for more attack defense principles only one, don't overlook the network printer, to put it as a standard network equipment or network serverfor security configuration and protection, while at the same time, the network printer for fast failure recovery is administrator needs to consider.

No comments:

Post a Comment