Casper.Dik at sun.com wrote:
>> Norm Jacobs writes:
>>
>>> John Plocher wrote:
>>>
>>>> Darren J Moffat wrote:
>>>> Q: is there anything I could do to you or find out about you at this
>>>> point, before any print jobs are sent?
>>>>
>>> NO
>>>
>> Not quite true. You'll have an open UDP port to receive those SNMP
>> replies. If a Bad Guy on the network can forge packets that cause
>> your daemon to malfunction, then he can potentially get access to
>> whatever privileges your daemon has.
>>
>> It's _at least_ the classic open-port problem.
>>
>
>
> And it's detected in port scans which generally upsets customers.
>
> Casper
>
>
A few things.
1. It doesn't send out a response to any queries on the network.
2. The port that is uses is not a well known port. It's effectively
random.
3. It doesn't keep the port open all of the time. It only opens it,
broadcasts and waits for responses. When it hasn't seen any
responses for a while it closes the port and waits the scan
interval to try again (at what ever port it gets that time).
The result is that you really can't scan for it. Of course, this
doesn't mean that someone can't write a little software to pretend to be
a network attached printer and try and exploit it. It's just more work
to make the attempt.
-Norm
