OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: DOS attack against HP JetDirect Printers (fwd)
From: Gwendolynn ferch Elydyr (gwenREPTILES.ORG)
Date: Thu Apr 20 2000 - 21:17:15 CDT

On Thu, 20 Apr 2000, Alfred Huger wrote:
> In case anyone is interested, scanning HP printers with
> tools such as nmap will cause the printer to lock up hard.
> I discovered this while trying to diagnose a connection
> problem we were having with a printer.
> I've verified this with at least the following versions of
> JetDirect:
>
> Firmware Rev. : A.08.06
> Firmware Rev. : G.08.03
> Firmware Rev. : G.07.17
> Firmware Rev. : G.07.03
>
> I haven't been able to establish the exact communications
> causing the lockup; someone with more experience than I
> should check this out.
>
> Any network accessable printer can be put out of service
> with a simple nmap -sT -PT HP.printer.tcp.ip
> A power cycle is required for reset.

This sounds like it might be related to an older bug in the JetDirect
cards - about 3 years ago, simultanious connections to a JetDirect card
would cause the card to lock up, with the only recourse being a power
cycle of the printer.

Multiple (2+) TCP connections would trigger this, as would AppleTalk/TCP.

I haven't checked it in a couple of years, but it was certainly persistant
through multiple revs of the JetDirect cards.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."