Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Printer problems

from [c . houle] Network Security [Permanent Link]
Subject: RE: Printer problems
Date: Tue, 19 Oct 2004 15:31:40 -0400 

Don't know about that config but with the help of the HMAP, SNMP & a few other 
plug-ins, you should be able to identify most of the printers quickly & then 
remove them.

Regards,
--
CH
 
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On 
Behalf Of Jared M Breland
Sent: October 19, 2004 3:23 PM
To: nessus@list.nessus.org
Subject: Re: Printer problems


nessus-bounces@list.nessus.org wrote on 10/19/2004 01:12:22 PM:

I'm running a scan against a rather large subnet of Windows desktops.
However, several network printers are also on this subnet.  When one of
these printers gets hit, it prints out about 10 pages of garbage data.

I searched through the archives and found several mentions of this in the
past, but I didn't see a solution for it.  Has anyone come up with a good
way to stop this from happening?


Evade the printers. Adding them as restricted hosts in your rules could be
one way but you must do this through manual labor.



Well, that's one option that I certainly thought of, however we probably have 
about 40 printers on this subnet (it's a 22-bit subnet).  Tracking down the IP 
address for each and every printer would be rather difficult. 

I just recently picked up new the Nessus book, and it says that "Nessus now 
incorporates a test to specifically detect whether the IP being scanned is a 
printer, and, if this is the case, prevent the scan from testing that IP's 
printing-related ports."  Obviously that's not happening in this case, but the 
capability must exist, right?  Is there any special configuration that needs to 
be done to make this work? 

--
Jared Breland

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Default Unix Accounts and SSH, Nick Strecker
Next by Date:  Re: Default Unix Accounts and SSH, Renaud Deraison
Previous by Thread:  Re: Printer problems, Renaud Deraison
Next by Thread:  Nessus 2.0.12 on AIX, Neil Lewinski
Indexes:  [Date] [Thread] [Top] [All Lists]