Printers aye?
Printers aye?
I came across an unfamiliar idea. Hacking into a network via their network printers. Did some research and from what I've found it has possibilities. http://www.irongeek.com/i.php?page=secu ... terhacking Seems interesting anyone have any thoughts on the subject?
\"The OS is detected as NetBSD (it will even run on your toaster).\"
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
I've seen something about industrial espionage on TV a while ago, it was also in context with network printers. such printers are the weak spot in most companies, because they are usually located in an unguarded room or even on the floor where everyone can access them. many people don't even know that modern network printers have their own HDD where all documents are saved, and with the master password (can be found in the manual, and most don't change it) the HDD can be copied to an external one.
stealing data
I think industrial espionage and hacking* go together. Spies should have great hacking* skills to be good at stealing secrets from a company. You have phreaking for the phones, hacking* for the computers, and even photography and video.
When you think about a large organization's computer network, there are many segments of the network - all separated from each other for security (and administration ease). But, each segment has to connect to each other in some way, otherwise its not a network! Besides servers that all segments might use, there are the printers. Some large organizations can afford to have a expensive printer on each network segment, but some cheaper organizations might just have one for each floor, or maybe for the whole building! What this means is you have a point of connection to attach a blackbox (a self contained HDD/sniffer to intercept all the UNencrypted traffic to the printers) or as you said steal from the printer's own HDD/memory. I guess back in the old days, we'd steal the carbon copies or test print/excess print of an important doc(back in the old days you had to adjust how light or dark the doc was to print, so people would make test pages and throw it away!)
Typewriters - you stole the ribbon and just read the tape back to see what was typed on the typewriter, I suppose the same for the old ribbon style printers too.
Printer hacking is not new, spammers used to hack printers to spam businesses, so some smart sysadmins lock down the network access to the printer.
Also consider phlashing, upgrading the printer's firmware to kill it. Ever seen how long it takes for a company to replace a broken printer
*hacking term used loosely, some will argue it's called cracking. stay on topic mate
DNR
When you think about a large organization's computer network, there are many segments of the network - all separated from each other for security (and administration ease). But, each segment has to connect to each other in some way, otherwise its not a network! Besides servers that all segments might use, there are the printers. Some large organizations can afford to have a expensive printer on each network segment, but some cheaper organizations might just have one for each floor, or maybe for the whole building! What this means is you have a point of connection to attach a blackbox (a self contained HDD/sniffer to intercept all the UNencrypted traffic to the printers) or as you said steal from the printer's own HDD/memory. I guess back in the old days, we'd steal the carbon copies or test print/excess print of an important doc(back in the old days you had to adjust how light or dark the doc was to print, so people would make test pages and throw it away!)
Typewriters - you stole the ribbon and just read the tape back to see what was typed on the typewriter, I suppose the same for the old ribbon style printers too.
Printer hacking is not new, spammers used to hack printers to spam businesses, so some smart sysadmins lock down the network access to the printer.
Also consider phlashing, upgrading the printer's firmware to kill it. Ever seen how long it takes for a company to replace a broken printer
*hacking term used loosely, some will argue it's called cracking. stay on topic mate
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.