> Obviously it's a M680x0 CPU with 512 KB of RAM in our model, so
> writing an exploit should be fairly easy. The nice point about it is
> that most people wouldn't expect their printer to be compromised --
> and since there is no logging on the printer, you can't easily be
> tracked down...
HP JetDirects can have the web server turned off (a good idea) and use
remote syslog to log all connections to the printer. The HP print
server control software automaticly turns the web configuration back
on, so I wouldn't use that, I would physicly go up to the printer and
disable all services you don't need.
If only one could add in ip allow ranges, then I would be happy.
-cazz
PGP signature
