Re: [IPP] FYI - IPP exposure to open internet

"Kennedy, Smith (Wireless & IPP Standards) via ipp" <ipp@pwg.org> Wed, 24 June 2020 16:06 UTC

Return-Path: <ipp-bounces@pwg.org>
X-Original-To: ietfarch-ipp-archive@ietfa.amsl.com
Delivered-To: ietfarch-ipp-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 099F03A0FB9 for <ietfarch-ipp-archive@ietfa.amsl.com>; Wed, 24 Jun 2020 09:06:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=hp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Of8qsBEad2AY for <ietfarch-ipp-archive@ietfa.amsl.com>; Wed, 24 Jun 2020 09:06:04 -0700 (PDT)
Received: from mail.pwg.org (mail.pwg.org [50.116.7.199]) by ietfa.amsl.com (Postfix) with ESMTP id E701B3A0FBD for <ipp-archive2@ietf.org>; Wed, 24 Jun 2020 09:06:02 -0700 (PDT)
Received: by mail.pwg.org (Postfix, from userid 1002) id 59EF111AF8; Wed, 24 Jun 2020 16:06:02 +0000 (UTC)
Received: from mail.pwg.org (localhost [IPv6:::1]) by mail.pwg.org (Postfix) with ESMTP id 134823592; Wed, 24 Jun 2020 16:05:59 +0000 (UTC)
X-Original-To: ipp@pwg.org
Delivered-To: ipp@pwg.org
Received: by mail.pwg.org (Postfix, from userid 1002) id DD3CF268F; Wed, 24 Jun 2020 16:05:57 +0000 (UTC)
Received: from us-smtp-delivery-162.mimecast.com (us-smtp-delivery-162.mimecast.com [216.205.24.162]) by mail.pwg.org (Postfix) with ESMTPS id 3B6CC268F for <ipp@pwg.org>; Wed, 24 Jun 2020 16:05:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hp.com; s=mimecast20180716; t=1593014755; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=XMV0ur5yk158yrawG3iW2TzeoJzlmvjD9DZmXoHgums=; b=SpTJA86LscWCvKwkGi89ccWgd9bcWCBPuYGsRMRIxElRVmPVmjZuLnYblvsfq8+Vzgszm/ XEfnugFGW8xcub4Z8bDKhd94Cyp31r70ONsvf8YZGBEjjZ2U2x+gsk0fdqyPOSkGkR4TZk iIjIMgAmcNJCR3atGUIImypUCebhlHQ=
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2048.outbound.protection.outlook.com [104.47.66.48]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-279-ASghdvhNNgmRahklZKK7CA-1; Wed, 24 Jun 2020 12:05:51 -0400
X-MC-Unique: ASghdvhNNgmRahklZKK7CA-1
Received: from CS1PR8401MB0518.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:7512::12) by CS1PR8401MB0472.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:7509::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3131.20; Wed, 24 Jun 2020 16:05:49 +0000
Received: from CS1PR8401MB0518.NAMPRD84.PROD.OUTLOOK.COM ([fe80::2c25:43dc:9979:1861]) by CS1PR8401MB0518.NAMPRD84.PROD.OUTLOOK.COM ([fe80::2c25:43dc:9979:1861%10]) with mapi id 15.20.3131.021; Wed, 24 Jun 2020 16:05:49 +0000
To: Michael Sweet <msweet@msweet.org>
Thread-Topic: [IPP] FYI - IPP exposure to open internet
Thread-Index: AQHWSd048tveZKkAIESfzv9i/RCoQKjnuSiAgAA1xZw=
Date: Wed, 24 Jun 2020 16:05:49 +0000
Message-ID: <0D59E137-F6FF-4679-A438-2F64141D7B78@hp.com>
References: <80A64FE5-826C-48D2-968A-73BD7CD0605A@xerox.com>, <3D96A4F9-07BE-46B1-AE06-59845F527FA8@msweet.org>
In-Reply-To: <3D96A4F9-07BE-46B1-AE06-59845F527FA8@msweet.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2600:387:8:f::58]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e97dd082-a5d5-40aa-5849-08d81858765f
x-ms-traffictypediagnostic: CS1PR8401MB0472:
x-microsoft-antispam-prvs: <CS1PR8401MB047217F0864CC77D0549B65C9E950@CS1PR8401MB0472.NAMPRD84.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 0444EB1997
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: EpjYloDoV3+pJ5OzoXQM8zoP4lIgDkIHUeh4bhV2VUW8zJ5ZyIeTsS6Rcfu5APC5GeukaYmS1OMnlX1WSO1DCuJ4OAFF9XnbJl04RFl8/Q7q80I8xZDFX/f8iDbo4lG0VudPQqwvZQzP7gh4UWqGPRT99anMa+jzBkx2L8nWxJ36woO4Lrv/GR3LVz+v1F6fSzZPMdHiyctOweVw/nhXgaqhUhmURcQWgZQmHFnqCvPnAcjpfPk5+NVvz9HrJZQuCcSXmz9Tkbk9WshP3kjnsnuU6mJG03g8d7BwbHy1U1ZMMqXIYMu11fC4xTwN+/0KYRSm9LfMtQ65w7vpfHh6Z8aDDmYH4WjYy6Z3+aa8iubiLNSeV+PNz6XlHWt2BhRg9q34MRkcrPXkJMMsDR1xqg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CS1PR8401MB0518.NAMPRD84.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(346002)(366004)(376002)(396003)(136003)(39860400002)(316002)(966005)(478600001)(6512007)(54906003)(86362001)(66574015)(36756003)(6506007)(53546011)(2616005)(4326008)(2906002)(186003)(166002)(71200400001)(66446008)(66556008)(91956017)(76116006)(5660300002)(8936002)(64756008)(66476007)(6486002)(8676002)(66946007)(33656002)(83380400001)(6916009); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: cDiQI00WOr2mx5vcwj3jQzhXAyH9O77eo3mLQXo1qEmeG/5eoC7OiBudpLCX+TPfdiAj7+0BAg8Oe4egPHG4FcNdPpnc9yrEF4ceHmQxDLkDqX2E27p0CsdZMLe45Kr5IPkJZm/UKYGvwG/kYF/UlTJ4MRJurgLXoI5wPJmluEsQBFi9NiKHFdPROi7Vq+enDtlz4L/vqXdi6mHfFexCftp3RVTypC5JVSKVIu0ESdnk6s6ZnBNp0uCocQXjVcQgIhSn0FvZJdgVtCEoJ2u4kGD6YcIeA0Go37+PrnNrktvQ50avmycSVHsv1CnNtDxPEE05p1nfzoXtblnc1rpTUgBo9KQPdcbewuhNbDT5sff3+unSJWG2NYxgmBOLi2ck3CNLm2m6/nInFXQtUshbhLxfxZrIM0dOcuf/vsmSkcqySCtKfD+Xf0xrp0IZ/aZYQyxCCveNGyRjztaMDUF+8SXwLMYTEkxKO9aSd5E/EJsHWIKXBM2AFxyOjUAokPyf
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: hp.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CS1PR8401MB0518.NAMPRD84.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: e97dd082-a5d5-40aa-5849-08d81858765f
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jun 2020 16:05:49.4294 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: ca7981a2-785a-463d-b82a-3db87dfc3ce6
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: JTa7tJjAvAaE1gjeeHoklbh0VZ1XPkEeRWBVFte2eodP/GcUUsURTideg/M9FNIvcBQFC0LH/2ya2c+viWI0Gw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR8401MB0472
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: hp.com
Cc: PWG IPP Workgroup <ipp@pwg.org>
Subject: Re: [IPP] FYI - IPP exposure to open internet
X-BeenThere: ipp@pwg.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: ISTO-PWG Internet Printing Protocol workgroup discussion forum <ipp.pwg.org>
List-Unsubscribe: <https://www.pwg.org/mailman/options/ipp>, <mailto:ipp-request@pwg.org?subject=unsubscribe>
List-Archive: <http://www.pwg.org/pipermail/ipp/>
List-Post: <mailto:ipp@pwg.org>
List-Help: <mailto:ipp-request@pwg.org?subject=help>
List-Subscribe: <https://www.pwg.org/mailman/listinfo/ipp>, <mailto:ipp-request@pwg.org?subject=subscribe>
From: "Kennedy, Smith (Wireless & IPP Standards) via ipp" <ipp@pwg.org>
Reply-To: "Kennedy, Smith (Wireless & IPP Standards)" <smith.kennedy@hp.com>
Content-Type: multipart/mixed; boundary="===============8348610260616605861=="
Errors-To: ipp-bounces@pwg.org
Sender: ipp <ipp-bounces@pwg.org>

Do many printers implement the CUPS attributes?

It would be interesting to learn what motivated the owners to put their printers or print servers on public networks.

Cheers,
Smith
---
Smith Kennedy
smith.kennedy@hp.com


On Jun 24, 2020, at 6:53 AM, Michael Sweet via ipp <ipp@pwg.org> wrote:

 Chris,

Thanks for forwarding this!

Looks like the bulk of the open "devices" are CUPS servers, which would have needed to be explicitly configured to allow remote access - the default is localhost-only, then local subnets (for regular printer sharing), then whole-internet (if you want things wide open...)


> On Jun 24, 2020, at 12:09 AM, Rizzo, Christopher via ipp <ipp@pwg.org> wrote:
>
> Maybe you have already seen this. Forwarding in case it needs discussion
>
> https://www.shadowserver.org/news/open-ipp-report-exposed-printer-devices-on-the-internet/<https://www.shadowserver.org/news/open-ipp-report-exposed-printer-devices-on-the-internet>
>
>
> Chris
>
> Christopher Rizzo
> Xerox Corporation
> GDG/Discovery/Advance Technology
> 26600 SW Parkway Ave.
> Wilsonville, OR 97070-9251
> Phone: (585) 314-6936
> Email: Christopher.Rizzo@xerox.com
>
> "The realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs."
> -Maurice Wilkes, Memoirs of a Computer Pioneer
> _______________________________________________
> ipp mailing list
> ipp@pwg.org
> https://www.pwg.org/mailman/listinfo/ipp<https://www.pwg.org/mailman/listinfo/ipp>

________________________
Michael Sweet



_______________________________________________
ipp mailing list
ipp@pwg.org
https://www.pwg.org/mailman/listinfo/ipp<https://www.pwg.org/mailman/listinfo/ipp>
_______________________________________________
ipp mailing list
ipp@pwg.org
https://www.pwg.org/mailman/listinfo/ipp