Network Printers and Other Network Devices, Vulnerabilities and Fixes

Presented at DEF CON 10 (2002), Aug. 2, 2002, 11 a.m. (50 minutes).

Like computers on large heterogeneous environments, networked printers and other peripherals have vulnerabilities that can lead to exposure of data, denial of service, and as a gateway for attacks on other systems. Yet, while many organizations seek to protect their computers, they ignore printers and other peripherals. We will discuss general attacks against printers and other peripherals, with specifics on known (and some newly discovered) vulnerabilities in several brands of printers, and propose possible solutions to keep both computers and networked peripherals from attack. The talk is technical but not microcode technical, and the audience needs only to bring their brains, though familiarity with the various printers and other peripheral devices available on the market is a plus.

Presenters:

• LittleW0lf
  Ltlw0lf (aka Dennis W. Mattison)is a consultant for both military and civilian organizations, primarily an instructor on information security and assurance classes for Solaris and other UNIX environments, as well as a security and penetration testing analyst, PKI engineer, policy designer, and systems administrator. As a hobby, Ltlw0lf dabbles in vulnerability discovery, and has released several vulnerability reports involving printers and other network devices. Ltlw0lf was the sysop of "The Programmers Connection BBS" in San Diego for 8 years, and has been involved with several Sysop and Systems Administrator organizations in the past.

Links:

• https://defcon.org/html/defcon-10/defcon-10-speakers.html#littlewolf
• https://infocon.org/cons/DEF CON/DEF CON 10/DEF CON 10 video/DEF CON 10 - Dennis Mattison - Attacking Printers.mp4
• https://www.youtube.com/watch?v=WxQ86bVzcIA

Similar Presentations:

• Black Hat USA 2017 / Exploiting Network Printers
• DEF CON 27 (2019) / Why You Should Fear Your "mundane" Office Equipment
• BSidesLV 2023 / How I Met Your Printer