SIGforum
How do I secure my Brother printer?
March 25, 2017, 02:20 PM
Oz_ShadowHow do I secure my Brother printer?
My Brother laser printer is on my wireless network. Somehow it is accessible by others on the internet, mostly from some guy trying to raise awareness using the name "Stackoverflowin"
It causes the printer to randomly print gibberish.
Searching comes up with thousands of pages talking about the hack, but no suggestions how to secure the device.
Anyone here have a simple solution?
March 25, 2017, 02:25 PM
BurtonRWWhat kind of security do you currently have on your network? Hopefully WPA2, but if not, what protocols does your printer support? Do you have the latest firmware?
-Rob
I predict that there will be many suggestions and statements about the law made here, and some of them will be spectacularly wrong. - jhe888
A=A March 25, 2017, 02:25 PM
Skull LeaderTry this, found here:
https://nexusconsultancy.co.uk...part-flaming-botnet/What next.. Close port 9100, 361, 515, 8080, 80 and 443 if open
1.Visit your router/firewall webpage normally
http://192.168.1.1 or
http://192.168.1.254 *if you can’t find this open command prompt and type ifconfig then enter. Use the default gateway address to get into the control panel.
2.Login to the router
3.Find an area of the router called one of the following: NAT / Network Address Translation / Open ports / Port forwarding
4.Delete/disable the rule that points to your printer *if it’s not there proceed to the next step
5.Find an area of the router called: DMZ and ensure this isn’t pointing to your printer either.
March 25, 2017, 02:31 PM
Oz_ShadowRecent Netgear router using WPA2-PSK
March 25, 2017, 02:34 PM
BurtonRWquote:
Originally posted by Oz_Shadow:
Recent Netgear router using WPA2-PSK
So the guy is going direct to your printer then. It has to have a public facing ID somewhere. Find that and kill it per Skull Leader's suggestion. That's the best I have. Unless there's an option for MAC filtering on the printer itself. Then it wouldn't matter.
-Rob
I predict that there will be many suggestions and statements about the law made here, and some of them will be spectacularly wrong. - jhe888
A=A March 25, 2017, 02:41 PM
Oz_ShadowThe articles mention “targets printing devices that have IPP (Internet Printing Protocol) ports, LPD (Line Printer Daemon) ports, and port 9100 left open to external connections.”
I do not have any ports forwarding to my printer in my router settings.
March 25, 2017, 03:36 PM
DaBigBRquote:
Originally posted by Oz_Shadow:
The articles mention “targets printing devices that have IPP (Internet Printing Protocol) ports, LPD (Line Printer Daemon) ports, and port 9100 left open to external connections.”
I do not have any ports forwarding to my printer in my router settings.
Is uPNP enabled?
March 25, 2017, 04:29 PM
GibbI've set up my Brother printer wired to the router, and shut off direct WiFi on the printer.
This way they have to be on my network, and while not impossible, it won't be easy.
I currently live in a larger apartment building, and know there's some kids that have messed with others unsecured networks. So far, they've been unable to hit any of my stuff.
I shall respect you until you open your mouth, from that point on, you must earn it yourself. March 25, 2017, 04:38 PM
grumpy1Go to Shields Up website and do a self scan from your computer to see if any ports are open including 9100 while the printer is turned on. You may need to do a targeted scan for 9100 entering the port number in custom port probe in addition to common ports. There is also a UPnP exposure scan.
https://www.grc.com/x/ne.dll?bh0bkyd2