Weekly Edition
Return to the Security page
| |||||||||||||
Embedded Web Servers Exposing Organizations To Attack (Dark Reading)
Dark Reading previews another talk from the upcoming Black Hat conference, this time on embedded web servers that have been connected to the internet, probably unknowingly. "[Michael] Sutton used Amazon EC2 computing resources to constantly scan large blocks of addresses and to detect any embedded Web servers. Sharp and Ricoh copiers digitally archive past photocopies, he notes, so if that feature is enabled and the copier is sitting on the Net unsecured, an attacker could retrieve any previously photocopied documents, he says. Even the fax-forwarding feature in some HP scanners could be abused if the scanner were open to the Internet: An attacker could access any faxed documents to the user by having them forwarded to his fax machine, for example."
(Log in to post comments)
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 23, 2011 7:34 UTC (Sat) by pabs (subscriber, #43278) [Link]
So is anyone working on FLOSS operating systems for scanners, faxes and photocopiers?
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 23, 2011 8:40 UTC (Sat) by armijn (subscriber, #3653) [Link]
Not sure if that would help anything. There are plenty of devices out there that are using FOSS (and which are GPL compliant) and which are full of big security holes. As long as the consumer electronics industry sees security as an optional feature it doesn't matter what is running on a device.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Aug 7, 2011 20:50 UTC (Sun) by pabs (subscriber, #43278) [Link]
The point would be that FLOSS operating systems allow people to fix security issues in their devices even when the vendor is too lazy to issue updates.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Aug 8, 2011 12:10 UTC (Mon) by Trelane (subscriber, #56877) [Link]
Or allow the customers to hire others to do it if they themselves are unable.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 23, 2011 16:58 UTC (Sat) by butlerm (subscriber, #13312) [Link]
This is of some concern, but is there anybody who runs a network wide open to the Internet, with neither NAT nor firewall? In many cases it would be rendered useless in days, if not minutes. Windows can't take that kind of abuse.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 24, 2011 2:15 UTC (Sun) by stephenjudd (subscriber, #3227) [Link]
Here's some fun for you. Find a reasonably unusual phrase from the login page of the web-based interface of your printer, router or other appliance, then google for it. Now try logging in with the default username and password. You may be surprised what's exposed out there.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 24, 2011 4:20 UTC (Sun) by butlerm (subscriber, #13312) [Link]
This is certainly more of an issue for the routers themselves than anything else, especially with more subtle vulnerabilities. I don't know of any routers that ship with default admin access exposed on the public interface, although I don't doubt the problem has occurred in the past.
I did a quick check with Google and only found one listed, of the same brand as my run of the mill DSL modem. I didn't try to log in, naturally.
Embedded Web Servers Exposing Organizations To Attack (Dark Reading) Posted Jul 25, 2011 8:25 UTC (Mon) by Im26 (subscriber, #48749) [Link]
Try googling "Dell Color Laser" "Printer Console"
This should give you a decent enough list of 3110CN and 5110CN printers. I don't think there is anything too malicious you can do, except maybe print some surprising documents.
I chose these search strings because I've got one of these printers, I suspect any network attached device would work given my 100% hit rate on a sample of one!
Ian
|
|||||||||||||