 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
----- Forwarded message from "Truitt, Edward (Ed.Truitt)" <[EMAIL PROTECTED]> ----- Sorry if this is a duplicate note, but I think the earlier one may have somehow been routed to /dev/null... This morning, while scanning my LaBrea tarpit for activity, I noted a significant increase in scans against TCP 9100 over the last 72 hours. This port is assigned to "jetdirect", which is the print server for HP printers. I checked the DShield reports for this port, and sure enough there has been a recent spike in the number of targets/scans detected on this port. When I mentioned this to my boss (and fellow DShield subscriber), he mentioned that there was a presentation at this week's BlackHat conference in Seattle, which talked about hacking network devices and turning them into attack platforms. The presenter used HP printers as one of the examples in his presentation! Just what we need, our printers turning on us. Did anyone attend the BlackHat conference and get the materials for that presentation, and if so was there exploit code supplied? <==============================================================> Edward D. (Ed) Truitt email: [EMAIL PROTECTED] http://www.etee2k.net "Note to spammers: my 'delete' key is connected to YOUR ISP. Also, if you send me UCE, I reserve the right to post your spew on my Web site, with the appropriate color commentary, so that others may have a good laugh at your expense."
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.