Skip navigation
3727 Views 2 Replies Latest reply: Mar 17, 2011 8:29 AM by jkent@qualys.com RSS
ToddB Lurker 2 posts since
Mar 16, 2011
Currently Being Moderated

Mar 16, 2011 1:35 PM

VM scanning of Fiery / network copier devices

Is anyone scanning networked Fiery / network copier devices (like the Xerox DocuColor 250) and hearing complaints that VM scans are kicking off huge print jobs of 1-line of garbage text per page?  I can exclude the devices, but would much prefer to find a solution and scan them (especially since we are finding Sev4 vulnerabilities). 

 

Thanks!

  • Currently Being Moderated
    Mar 16, 2011 2:41 PM (in response to ToddB)
    VM scanning of Fiery / network copier devices

    Hi Todd,

     

    Generally when we see problems like this, it's due to the printer accepting *any* input to its listener, and dutifully printing that out. 

     

    I'd start by taking a printer, looking at the open ports, and scanning those ports one at a time, isolating the problem to a particular port/service.  Once that's done, you can either telnet to the port, send it some garbage, and see if it prints, or you can call our support team to have them walk you through a debug scan.

     

    With the debug scan, we can tell you exactly what we're sending to the port.  We *may* be able to mitigate this, but you'll likely have to end up contacting the vendor, as ultimately they're the ones who'll have to get their printers to stop blindly accepting input without any semblance of validation.

     

    Hope this helps,

    :Chris

    • jkent@qualys.com Level 4 435 posts since
      Jul 24, 2010
      Currently Being Moderated
      Mar 17, 2011 8:29 AM (in response to qualyschris)
      VM scanning of Fiery / network copier devices

      You can often do this from your desktop.  Telnet to port 9100 on the printer, start typing and hitting enter, often it causes the same behavior. 

       

      I have seen this at Universities I have worked with.  They did exactly as Chris describes above by isolating the port.  Sometimes there are firmware upgrades that will stop the behavior.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points