Penetration Testing
Printer Attacks Nov 07 2011 08:53PM
doc tarrow (doc tarrow gmail com) (1 replies)
Re: Printer Attacks Nov 08 2011 05:47PM
The Doctor (drwho virtadpt net) (1 replies)
Re: Printer Attacks Nov 09 2011 12:35PM
Marco Ivaldi (raptor mediaservice net)
Hi,

On Tue, 8 Nov 2011, The Doctor wrote:

> Networked devices can also be a useful cover for hiding equipment
> smuggled into the target site and hidden in plain view. For example,
> attaching a wireless access point between the printer and the rest of
> the LAN often went unnoticed (perfect for sneaking right into the core
> of the client's network); in a pinch, the excuse "The cable wasn't long
> enough, so I put in an Ethernet switch and a three foot CAT-6 until we
> get a longer one," worked. I rather doubt that tucking a netbook behind
> a networked printer or fax machine with a sticy that reads "PRINT
> SERVER: DO NOT TOUCH" would still work these days, though.

LOL. Networked printers might also be a good starting point for NAC
bypass: sometimes their MAC addresses are considered trusted and might be
able to access the corporate network. Also, keep in mind that physical
access is always a risk.

While we are at it, I'd like to throw in a couple of interesting
references about networked printers hacking:

http://archive.hack.lu/2010/Costin-HackingPrintersForFunAndProfit-slides
.pdf
http://www.irongeek.com/i.php?page=security/networkprinterhacking
[and much more, just do a Google search]

Cheers,

--
------------------------------------------------------------------
Marco Ivaldi OPSA, OPST, OWSE, PCI-ASV
Senior Security Advisor
@ Mediaservice.net Srl Tel: +39-011-32.72.100
Via Santorelli, 15 Fax: +39-011-32.46.497
10095 Grugliasco (TO) - ITALY http://www.mediaservice.net/
------------------------------------------------------------------
PGP Key - https://keys.mediaservice.net/m_ivaldi.asc

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus