Network Printers and Other Network Devices, Vulnerabilities and Fixes

Presented at DEF CON 10 (2002), Aug. 2, 2002, 11 a.m. (50 minutes).

Like computers on large heterogeneous environments, networked printers and other peripherals have vulnerabilities that can lead to exposure of data, denial of service, and as a gateway for attacks on other systems. Yet, while many organizations seek to protect their computers, they ignore printers and other peripherals. We will discuss general attacks against printers and other peripherals, with specifics on known (and some newly discovered) vulnerabilities in several brands of printers, and propose possible solutions to keep both computers and networked peripherals from attack. The talk is technical but not microcode technical, and the audience needs only to bring their brains, though familiarity with the various printers and other peripheral devices available on the market is a plus.


Presenters:

  • LittleW0lf
    Ltlw0lf (aka Dennis W. Mattison)is a consultant for both military and civilian organizations, primarily an instructor on information security and assurance classes for Solaris and other UNIX environments, as well as a security and penetration testing analyst, PKI engineer, policy designer, and systems administrator. As a hobby, Ltlw0lf dabbles in vulnerability discovery, and has released several vulnerability reports involving printers and other network devices. Ltlw0lf was the sysop of "The Programmers Connection BBS" in San Diego for 8 years, and has been involved with several Sysop and Systems Administrator organizations in the past.

Links:

Similar Presentations: