[6815] in bugtraq
Re: nestea2 and HP Jet Direct cards.
daemon@ATHENA.MIT.EDU (Ben Woodard)
Wed May 20 14:54:27 1998
Date: Wed, 20 May 1998 08:27:31 -0600
Reply-To: Ben Woodard <bwoodard@CISCO.COM>
From: Ben Woodard <bwoodard@CISCO.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Thu, 07 May 1998 22:40:26 PDT."
<Pine.LNX.3.96.980507220741.1082D-100000@forge.wetworks.com>
The problem is much more serious than you seem to recognise. The code
to autodiscover all the printers on a network using snmp is pretty
easy to write and is available in the JedAdmin tools. A disgruntled
employee behind a firewall or anyone on the internet can bring down
pretty much a whole organization's printing infostructure.
The problem is not that one printer can be brought down. The problem
is that every printer can be brought to its knees with just a few
packets in a few seconds. By the time we figure out what is
happening. _ALL_ the printers are down and we have no way to track
where the attack came from.
Two days after your initial post, we had an incident in one of our
field offices. Every printer on the network went dead. Guess who got
called? If all 2500 printers in our environment went down, I can't
even imagine how many calls our help desk would get? I worry about
unfirewalled environments such as universities.
I have some contacts deep within HP printer's firmware development
division. I made them aware of the problem and suggested that they
post to bugtraq with their intentions. I am still waiting for their
response.
-ben
> nestea and nestea2 do a number on HP Jet Direct printer cards, I have
> tested it on a HP 5/si and a HP 1600c with Jet Direct cards in them it
> locks up until power cycled all of the print jobs that are going to them
> are lost. The HP 5/si has a LCD on the front and there is an error code
> that is displayed.
>
> 80 SERVICE (01E6) CALL SERVICE
> ^^^^
> this number changes depending on how my times it is hit with nestea2,
> which seems odd to me that if one hit kills it, what difrence would it
> make hitting it with 10 and why would it report a diffrent code.
>
> HP's error code explination states the following.
>
> ------------------------
> 80 SERVICE(xxxx) CALL
> SERVICE
> ------------------------
> Indicates an
> unrecoverable HP
> Modular I/O (HP MIO)
> protocol error. This
> indicates a
> catastrophic system
> condition.
> ------------------------
> Switch the printer OFF,
> then ON. If the message
> continues, contact your
> dealer or HP service
> representative for
> service.
> ------------------------
>
> I have also tried bonk, boink, teardrop, overdrop and none of them seem to
> have any effect on the printers.
>
> EOT
>
> -- Damon Petta
