Printers exposing their IPP port online face risk

Non-profit research company, Shadowserver Foundation, recently published a warning about companies leaving their printers exposed online.

In that report they found that 80,000 printers are exposing their Internet Printing Protocol (IPP) port online, which causes those printers to be at increased risk of hacking.

Printers are leaking everything from device names, models, and firmware versions, to organization names, locations, and even WiFi network names.

Leaving these printers without firewall protections means that hackers could forcibly take control of the device, or even connect to the exposed port if no authentication is required for entry.

Tools for IPP hacking are readily available online.

Companies must secure their printer’s IPP ports in order to protect against possible IPP hacking.

“It is unlikely that many people need to make such a printer accessible to everyone,” the organization said. “These devices should be firewalled and/or have an authentication mechanism enabled.”

To configure IPP access control and IPP authentication features, check the manual for your printer or contact the manufacturer. Most printers have an IPP configuration section in their administration panel from where users can enable authentication, encryption, and limit access to the device via access lists.

The Shadowserver Foundation also offers subscriptions for companies or national CERT teams that want to receive automatic notifications of any IPP services that are exposed online within their networks and countries’ IP address spaces.

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648