Thousands of Publicly Accessible Printers Searchable On Google 192
Jeremiah Cornelius writes "Blogger Adam Howard at Port3000 has a post about Google's exposure of thousands of publicly accessible printers. 'A quick, well crafted Google search returns "About 86,800 results" for publicly accessible HP printers.' He continues, 'There's something interesting about being able to print to a random location around the world, with no idea of the consequence.' He also warns about these printers as a possible beachhead for deeper network intrusion and exploitation. With many of the HP printers in question containing a web listener and a highly vulnerable and unpatched JVM, I agree that this is not an exotic idea. In the meanwhile? I have an important memo for all Starbucks employees."
How did this happen? (Score:5, Interesting)
Excuse my ignorance, but how does this happen? Big companies have firewalls and NAT, and everyday people have wi-fi routers and NAT. What sort of people have big swarths of IP address space, but no clue how to manage it?
Re:Insert Cheese (Score:5, Interesting)
Or maybe I should have been worried about why nobody had the knowledge about these exploits...
3D (Score:4, Interesting)
Re:Imagine... (Score:5, Interesting)
Re:How did this happen? (Score:5, Interesting)
I have 1024 public IPs, and I'm the only one who does anything with them: we won't have a network person until the hiring freeze is lifted (read: never).
There' was no NAT here, because that's not part of the IPv4 specs, and didn't even exist when this place was setup.
I've setup basic NAT, my wireless users are on it, and a few desktops, but I can't move everyone onto it because some directors like to print from home to work, and some people require access to a router-to-router VPN to another site that only works if you have a public IP address. I'd love to get a better handle on how access tables on these routers work, but if I did that I'd have to take time away from my day job, and really who wants to get yelled at for working harder?
I have no idea what I'm doing, but I can put anything I want on a public IP because there's literally no-one more knowledgeable to stop me. And I'm not gonna touch those printers because they're on a different subnet from my servers now, so screw it, they're literally not my job to secure.
They've been like that for 20+ years, how bad can it be?
Re:already used for spam... (Score:2, Interesting)
What I loved were the printers at all three of the colleges I went to all had complicated systems set up so that they could charge you to print on the printers. However, open up wireshark and in less than a second, you would receive a couple hundred packets from printers advertizing themselves. And it wasn't just student printers either; the very printers they were charging us to print from availible for free and letting everybody know.