Hi, I have two networks, one is connected to the internet and has 3 or 4 computers running off of it, the other network has my work on it and has no internet connection. Currently, I have a printer hooked up to the internet network, and have to keep switching the network cables around when I want to print out things via different networks.
What I would like to know is if I bought a second network card for my printer and hooked both networks into the printer, would this provide any kind of security problem? Basicially, could anyone work their way from my internet machine, through the printer and "into" my secure network? I dont think this is possible, but I just want to make sure before I go ahead and do this. Thanks
Dan
Network printer issue - security?
Well, let me first say it's not LIKELY.... but, hey, anything's possible. If your printer is bridging the two networks, who's to say that it couldn't bridge other traffic between? Is your printer firmware designed with security in mind foremost, or funcationality? I'm guessing functionality; printers aren't exactly known for being good routers or firewalls.
Then again, you state that your printer will hold multiple NICs, so who knows? What you really need to do is look into the details for your particular printer, skim through the manual, look for firmware updates, and see what options are or aren't in the configuration. It will most likely be secure. At the very least, it's not an easy route to take and probably only someone who very badly wanted into your secure network would take the time to work it. That said, if someone DID want in badly enough, all bets are off.
Hope this helped.... without more specific info on the printer, there's not much more of a specific answer that I could give. (Realize, too, that even if we could give a specifc answer that right now there is no way to get through the printer, new vulnerabilities come out all the time. What's secure today may not be tomorrow.)
Reply:I'm not aware of any routines that will allow you to gain access through a printer (but hey, they come up with new stuff every day). If all you're doing is throwing an extra NIC directly into the printer, someone would have to be really, really serious about hacking you to get in. Since the printer can't act as a router, They'd have to program the printer itself to hack you. No idea even if that can even be done.
There is another way. Find the port your printer uses to print (typically 9100, but many are different). Put a router between you and the "internet" network, firewalling everything but the printing port. Forward the printing port to the IP address of your printer and "install" the printer with the router's IP. If you're really paranoid, whenever you want to print, turn on the router. Whenever you're not, turn it off. Beat's switching cables and would be ultra-secure.
Reply:I believe you are opening a hole in your network this way.
Are you concerned about other LAN users getting onto your pc? If so, get a firewall on your pc and use the same network for all. You can go out, others cannot go into your pc if you configure the firewall properly. I believe you can even do this with the Windows XP firewall if you are careful.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment