Re: [IPP] FYI - IPP exposure to open internet

Michael Sweet via ipp <ipp@pwg.org> Wed, 24 June 2020 16:11 UTC

Return-Path: <ipp-bounces@pwg.org>
X-Original-To: ietfarch-ipp-archive@ietfa.amsl.com
Delivered-To: ietfarch-ipp-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3D283A0FF2 for <ietfarch-ipp-archive@ietfa.amsl.com>; Wed, 24 Jun 2020 09:11:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.899
X-Spam-Level:
X-Spam-Status: No, score=-2.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hHhi8rFGf_Xw for <ietfarch-ipp-archive@ietfa.amsl.com>; Wed, 24 Jun 2020 09:11:56 -0700 (PDT)
Received: from mail.pwg.org (mail.pwg.org [50.116.7.199]) by ietfa.amsl.com (Postfix) with ESMTP id A1DE53A0FE8 for <ipp-archive2@ietf.org>; Wed, 24 Jun 2020 09:11:56 -0700 (PDT)
Received: by mail.pwg.org (Postfix, from userid 1002) id 519D911B24; Wed, 24 Jun 2020 16:11:56 +0000 (UTC)
Received: from mail.pwg.org (localhost [IPv6:::1]) by mail.pwg.org (Postfix) with ESMTP id 72F6C268F; Wed, 24 Jun 2020 16:11:53 +0000 (UTC)
X-Original-To: ipp@pwg.org
Delivered-To: ipp@pwg.org
Received: by mail.pwg.org (Postfix, from userid 1002) id 868121C9F; Wed, 24 Jun 2020 16:11:52 +0000 (UTC)
Received: from mail.msweet.org (mail.msweet.org [173.255.209.91]) by mail.pwg.org (Postfix) with ESMTP id CF122268F for <ipp@pwg.org>; Wed, 24 Jun 2020 16:11:51 +0000 (UTC)
Received: from mbp16.lan (host-148-170-144-200.public.eastlink.ca [148.170.144.200]) by mail.msweet.org (Postfix) with ESMTPSA id 0C303820E8; Wed, 24 Jun 2020 16:11:50 +0000 (UTC)
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
In-Reply-To: <0D59E137-F6FF-4679-A438-2F64141D7B78@hp.com>
Date: Wed, 24 Jun 2020 12:11:49 -0400
Message-Id: <D968FF2D-0C50-4889-8E56-F37016257327@msweet.org>
References: <80A64FE5-826C-48D2-968A-73BD7CD0605A@xerox.com> <3D96A4F9-07BE-46B1-AE06-59845F527FA8@msweet.org> <0D59E137-F6FF-4679-A438-2F64141D7B78@hp.com>
To: Smith Kennedy <smith.kennedy@hp.com>
X-Mailer: Apple Mail (2.3608.80.23.2.2)
Cc: PWG IPP Workgroup <ipp@pwg.org>
Subject: Re: [IPP] FYI - IPP exposure to open internet
X-BeenThere: ipp@pwg.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: ISTO-PWG Internet Printing Protocol workgroup discussion forum <ipp.pwg.org>
List-Unsubscribe: <https://www.pwg.org/mailman/options/ipp>, <mailto:ipp-request@pwg.org?subject=unsubscribe>
List-Archive: <http://www.pwg.org/pipermail/ipp/>
List-Post: <mailto:ipp@pwg.org>
List-Help: <mailto:ipp-request@pwg.org?subject=help>
List-Subscribe: <https://www.pwg.org/mailman/listinfo/ipp>, <mailto:ipp-request@pwg.org?subject=subscribe>
From: Michael Sweet via ipp <ipp@pwg.org>
Reply-To: Michael Sweet <msweet@msweet.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ipp-bounces@pwg.org
Sender: ipp <ipp-bounces@pwg.org>

Smith,

Very few - I am aware of a few office MFPs that use CUPS internally, and there are network print services that implement the CUPS-Get-Printers operation for AirPrint (to lookup a printer by its printer-id value - it is used for Bluetooth beacons), but the numbers of devices and spread of version numbers sounds more like Internet-facing Linux servers to me.


> On Jun 24, 2020, at 12:05 PM, Kennedy, Smith (Wireless & IPP Standards) <smith.kennedy@hp.com> wrote:
> 
> Do many printers implement the CUPS attributes?
> 
> It would be interesting to learn what motivated the owners to put their printers or print servers on public networks.
> 
> Cheers,
> Smith
> ---
> Smith Kennedy
> smith.kennedy@hp.com
> 
> 
>> On Jun 24, 2020, at 6:53 AM, Michael Sweet via ipp <ipp@pwg.org> wrote:
>> 
>>  Chris,
>> 
>> Thanks for forwarding this!
>> 
>> Looks like the bulk of the open "devices" are CUPS servers, which would have needed to be explicitly configured to allow remote access - the default is localhost-only, then local subnets (for regular printer sharing), then whole-internet (if you want things wide open...)
>> 
>> 
>> > On Jun 24, 2020, at 12:09 AM, Rizzo, Christopher via ipp <ipp@pwg.org> wrote:
>> > 
>> > Maybe you have already seen this. Forwarding in case it needs discussion
>> > 
>> > https://www.shadowserver.org/news/open-ipp-report-exposed-printer-devices-on-the-internet/
>> > 
>> > 
>> > Chris
>> > 
>> > Christopher Rizzo
>> > Xerox Corporation
>> > GDG/Discovery/Advance Technology
>> > 26600 SW Parkway Ave.
>> > Wilsonville, OR 97070-9251
>> > Phone: (585) 314-6936
>> > Email: Christopher.Rizzo@xerox.com
>> > 
>> > "The realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs."
>> > -Maurice Wilkes, Memoirs of a Computer Pioneer
>> > _______________________________________________
>> > ipp mailing list
>> > ipp@pwg.org
>> > https://www.pwg.org/mailman/listinfo/ipp
>> 
>> ________________________
>> Michael Sweet
>> 
>> 
>> 
>> _______________________________________________
>> ipp mailing list
>> ipp@pwg.org
>> https://www.pwg.org/mailman/listinfo/ipp

________________________
Michael Sweet



_______________________________________________
ipp mailing list
ipp@pwg.org
https://www.pwg.org/mailman/listinfo/ipp