HP J3111A - JetDirect 600N Network Card Manuallines

Also see for 175X - JetDirect Print Server: Administrator's guide Appendix Administrator's guide White paper Product Update Note

Contents

HP Jetdirect Security GuidelineswhitepaperTable of Contents:Introduction ..................................................................................................................................... 1HP Jetdirect Overview ...................................................................................................................... 2What is an HP Jetdirect?................................................................................................................... 3How old is Your HP Jetdirect?............................................................................................................ 4Upgrading ...................................................................................................................................... 5HP Jetdirect Administrative Guidelines ................................................................................................ 6HP Jetdirect Hacks: TCP Port 9100..................................................................................................... 7HP Jetdirect Hacks: Password and SNMP Community Names................................................................ 9HP Jetdirect Hacks: Firmware Upgrade............................................................................................... 9HP Jetdirect Hacks: Sniffing Print Jobs and Replaying Them................................................................. 10HP Jetdirect Hacks: Printer/MFP access ............................................................................................ 10Recommended Security Deployments: SET 1...................................................................................... 11Recommended Security Deployments: SET 2...................................................................................... 12Recommended Security Deployments: SET 3...................................................................................... 18Recommended Security Deployments: SET 4...................................................................................... 28Further Reading ............................................................................................................................. 33IntroductionThe availability of public information on the Internet for hacking HP Jetdirect products has promptedcustomers to ask HP about how they can protect their printing and imaging devices against suchattacks and what is HP doing about preventing those attacks. In all fairness, some of this publicinformation is of rather poor quality and inflammatory; however, some websites detailing the attacksand the vulnerabilities on HP Jetdirect are informative and raise valid concerns that need to beaddressed. It is the purpose of this whitepaper to address customer concerns about these attacks andvulnerabilities and to recommend proper security configurations to help customers protect theirprinting and imaging devices. This whitepaper is only a small part of a broad initiative within HP toeducate our customer base about printing and imaging security. Resources such as The SecurePrinting website (http://www.hp.com/go/secureprinting) provide a great deal of information forcustomers about products, solutions, as well as configuration recommendations. In general, a lot ofthis information can be put to use on existing HP Jetdirect products, mainly because HP Jetdirect was1