Communications of the ACM
Giving Hackers a Printed Invitation
At the Shmoocon conference in Washington, D.C., researchers demonstrated how hackers are using printers to infiltrate corporate computer networks. "These devices have gone from being standard, simple printers that got on the network to the point where they are totally integrated in the business environment," which makes them a prime target, says security consultant Deral Heiland. He demonstrated how hackers could use a program called Praeda to gain access to a company's networked printers using standard security flaws and configuration holes. Once Praeda gets inside a network, it can steal passwords, files, and gain access to other devices. "We have found out that with a lot of printers, that data is not obfuscated very well," Heiland says.
Meanwhile, security researcher Ben Smith developed Print File System, a program that automatically finds weak printers via the Internet and reconfigures them to act in a distributed storage network. "Depending on the devices, most of the time, you can find 20 to 30 unsecured devices [on a local network] and you can get a gig of storage to 30 gigs of storage," Smith says.
From Technology Review
View Full Article
Abstracts Copyright © 2011 Information Inc., Bethesda, Maryland, USA 
No entries found