Linux Today: Linux News On Internet Time.

More on LinuxToday

Corporate Espionage For Dummies: HP Scanners

Sep 01, 2010, 15:03 (0 Talkback[s])
(Other stories by Michael Sutton)

[ Thanks to An Anonymous Reader for this link. ]

"Web servers have become commonplace on just about every hardware device from printers to switches. Such an addition makes sense as all devices require a management interface and making that interface web accessible is certainly more user friendly than requiring the installation of a new application. Despite typically being completely insecure, such web servers on printers/scanners are generally of little interest from a security perspective, even though they may be accessible over the web, due to network misconfigurations. Yes, you can see that someone neglected to replace the cyan ink cartridge but that's not of much value to an attacker. However, that's not always the case

"I was recently looking at a newer model of an HP printer/scanner combo and something caught my eye. HP has for some time, embedded remote scanning capabilities into many of their network aware scanners, a functionality often referred to as Webscan. Webscan allows you to not only remotely trigger the scanning functionality, but also retrieve the scanned image, all via a web browser."

Complete Story

Related Stories: