Sunday, December 8, 2024
BackBlaze

Internet Printing! [story]

I literally just stumbled upon this today:

I was performing a search for a particular error code that appeared on my HP p3010 LaserJet printer.  Apparently, this message is not widely occurring, as my Google search brought me to two different results.  One was a hit that led back to the HP support forums.  The other?  It led to this:

If you can’t see that, or if you don’t know what it is – – that’s an HP web administration page for an HP LaserJet p3015 printer.  That’s something you should see on your work LAN, not the Internet…!

So, like any good IT guy, I added a new printer, pointed to the IP address and printed the following message:

Hi, to whom it may concern:

This printer is exposed on the Internet to everyone.  

This includes ANY anonymous persons like myself.  I am not a hacker or anything of the sort, just a security conscious IT guy who stumbled upon this while searching for a particular error that had to do with my printer.

Since Google also “saw” your printer, it was able to index all the information on that printer and present it through a search result when I made a query for a particular error code.  If this printer is directly attached to the Internet for anyone to get to, then I can only assume there are other resources there someone might try to gain access to as well.

Please forward this to your systems administrator and he or she can lock it down for you.  They need to disable port forwarding/Network Address Translation on your firewall or router to your printer.

Regards, have a Happy (and secure) New Year!

The scary thing was – – this is a major university out east, so I can hope that this is the ONLY open IP address that the network admin forgot to lock down!

 

RELATED ARTICLES