Hacking printers?

[thundley4]

If you know the IP address of someone's printer, is it possible to hack/access it?

[Chris_]

Yes.

Most Microsoft computers come with file and printer sharing enabled.  You may want to turn that off.

[thundley4]

Yes.

Most Microsoft computers come with file and printer sharing enabled.  You may want to turn that off.

I've done that on our computers.  The reason I asked though, is that I was at my credit union this week and they have the printers IP address printed on the printer.  It didn't seem like a bright idea to me.

[Chris_]

That is probably a local address and not something that would be accessible publicly, ie. punching their IP address into your web browser.  TCP/IP has reserved network addresses that are considered un-routable by public ISPs based on standard networking protocol.  They're usually addresses like 192.168.x.x or 255.x.x.x.  They can be used on internal/private networks, but access to the public internet would require a different IP address at their firewall or access point.

[thundley4]

It was a 192.168.xx.xx.  I guess they did that to make it easier for their IT person to fix problems.

[LC EFA]

It was a 192.168.xx.xx.  I guess they did that to make it easier for their IT person to fix problems.

Yes. If you've got remote based support it saves time if the client (the bank teller ) can tell the support droid on the other end of the phone what printer they're complaining about.

[thundley4]

I had just wondered about this since it was in the news recently about some internet capable printers being susceptible to hacking and could be made to start fires or cause other problems.

[Chris_]

That is somewhat different.  Off-the-shelf consumer stuff is going to be more vulnerable because it's more widely available.  Using those same blue Linksys wireless routers that are everywhere, I could probably find a way into your computer network.  And since those printers are not protected with the same type of security as your computer (with a firewall and password protection), I could cause all sorts of havoc. 

Your bank or credit union is going to have access to a higher level of protection and security based on what they will have available to them that the regular home user would not.

[thundley4]

That is somewhat different.  Off-the-shelf consumer stuff is going to be more vulnerable because it's more widely available.  Using those same blue Linksys wireless routers that are everywhere, I could probably find a way into your computer network.  And since those printers are not protected with the same type of security as your computer (with a firewall and password protection), I could cause all sorts of havoc. 

Your bank or credit union is going to have access to a higher level of protection and security based on what they will have available to them that the regular home user would not.

You don't know my credit union very well. It is very local and very small, only 2 employees and they are part time.

[Chris_]

Ah.

I noticed my doctor's office had those damned blue wifi routers in their office.  I really wanted to say something, but I wasn't feeling well at the time.  Those things worry me.

I've got a list of default account id's and passwords for dozens of off-the-shelf and enterprise-level routers and switches.  That's if they haven't been disabled yet. 

[TVDOC]

Yes.

Most Microsoft computers come with file and printer sharing enabled.  You may want to turn that off.

I just checked that, since I'm posting from a hotel wifi network, and my Win7 laptop has its sharing defaults set to "off" (out of the box), and further when you log onto a new "open" wireless network it won't connect unless you identify it as a "public" network, it then enables userid and password protection for the computer automatically.

doc