Printers Could Be Vulnerable to SpamPrinters Could Be Vulnerable to Spam
'Cross-site printing' lets an attacker remotely print to an internal network and even send faxes
January 10, 2008
Weaver uses CSRF to issue the PostScript commands over Port 9100 to print ASCII-based art he created, according to Jeremiah Grossman, CTO of WhiteHat Security in his blog post. Network printers typically receive print jobs via Port 9100.
"The end result is that by visiting a Web site on the Internet, you could end up sending printer spam to your printer without even knowing that anything happened," Weaver writes in his paper about the hack. "Since most printers don’t have any security set, it is possible to print anything, control the printer, change the print settings and even send faxes."
How do you protect your printer from such an attack? For starters, Weaver says to make sure it has an administrative password. Then consider restricting access each printer, so that it can only execute jobs sent from a centralized print server.
— Kelly Jackson Higgins, Senior Editor, Dark Reading
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingDec 12, 2023
SecOps & DevSecOps in the CloudDec 14, 2023
What's In Your Cloud?Jan 17, 2024
Everything You Need to Know About DNS AttacksJan 18, 2024