Printers

Spam targets printers

Lack of security in accessing printers might make it possible for spam to target open printer ports, says Heise-security.

Lack of security in accessing printers might make it possible for spam to target open printer ports, says Heise-security.

An excerpt from Heise-security:

The fundamental problem is a complete lack of security at most printers: a permanently open port, normally with no authentication. The only hurdle faced by an attacker is determining the printer IP address. However, an iterator script is hardly challenging to create, and, particularly for printers on home networks, the printer address is unlikely to be difficult or slow to find: most likely in the bottom 16 addresses of the 192.168.0.0 private block.

The attack can be triggered from just an iframe on a Web page. Aaron Weaver, the security researcher who addressed the attack, also mentioned that Web pages are being crafted to attack internal IP addresses within an organization.

More information:

Hijacking Printers For Spamming (InformationWeek)

Coming Soon: Spam on Your Printer From the Web (PC World)

Editor's Picks