Embedded Web Servers Exposing Organizations To Attack (Dark Reading)
Embedded Web Servers Exposing Organizations To Attack (Dark Reading)
Dark Reading previews another talk from the upcoming Black Hat conference, this time on embedded web servers that have been connected to the internet, probably unknowingly. "[Michael] Sutton used Amazon EC2 computing resources to constantly scan large blocks of addresses and to detect any embedded Web servers. Sharp and Ricoh copiers digitally archive past photocopies, he notes, so if that feature is enabled and the copier is sitting on the Net unsecured, an attacker could retrieve any previously photocopied documents, he says. Even the fax-forwarding feature in some HP scanners could be abused if the scanner were open to the Internet: An attacker could access any faxed documents to the user by having them forwarded to his fax machine, for example.
"