Tag Archive for 'security'

13
May

Kyocera EP510DN printer

By Jim Comments
Categories: Uncategorized Tags: , , , , .

We got a new Kyocera printer at work a few days ago. The model we’re trying out is an “EP510DN“. We had a heck of a time finding information for this printer on the Kyocera web site. In desperation, we called their sales/support people who informed us that a Kyocera “EPwhatever” is an EcoPro unit, all of which show up on the KyoceraEcoPro domain. (Personally, seems like having completely different domain names for the same company is a good way to dilute your brand.) As soon as I added “EcoPro” to my Google query, I got meaningful results on the first page.

We are setting this up on a FreeBSD print server. We had DHCP and DNS configured and tested, so we created a printcap(5) entry for the printer, and got… errors (from the /var/log/lpd-errs log file):

lpd[32955]: /dev/lp: No such file or directory

After much head-banging, I finally figured out the problem–there was some whitespace at the end of one of the lines in the printcap. Doh!

Some other notes and information about this printer:

  • Web-based configuration doesn’t support https:// protocol. :(
  • The configuration username is “admin”. Default password is “”. Get IP configured on the printer, pull up the web interface, and change it–ASAP! (Ideally you would set the password on a private network, before putting it on the Internets. Not that it’ll do you much good–see previous note.) I’ve seen a pretty gnarly security exploit for Kyocera printers, which seems to bypass what little security is available, but I haven’t tested it on our unit yet.
  • The printer supports Bonjour protocol, although it doesn’t seem to be a “real” PostScript printer. (My Mac sees it as a “Generic PostScript” device.)
  • The EP510DN PPD file is available for *nix operating systems. I’m still looking for a Mac driver for this printer.

I don’t know if we’ll keep this printer or send it back. The print speed is definitely nice, and print quality seems alright. I’m a bit disturbed about all the network services that this printer provides, without securing them in any meaningful way. I’ll try out the cracking suggestion above and see if this model is vulnerable.

30
Jun

Using WordPress tags? Don’t forget to re-apply the tags patch!

By Jim Comments
Categories: Uncategorized Tags: , , .

Thanks to Joseph and my blogroll, I saw the WordPress 1.5.1.3 security update. I forgot to re-apply the tags patch from Felix Wong’s tags plugin the first time through. Doh! Thanks for posting this, Joseph.

March 2010
M T W T F S S
« Dec    
1234567
891011121314
15161718192021
22232425262728
293031  

Months

Tags

a wok for all seasons abramoff accessibility acetylene active directory activism adodb aerial photo afrofunk aim4tree air america airport express alite alito amtrak andante andy antenna anti failure any browser apache appetizer apple apple pie applescript arden arcade arden park ariana arnold artichoke ashland astronomy attic attika audio avid reader backup baen bart bash batch bathroom bbq bee beef begonia bgg bike bike hikers bike journal bikejournal biketalk bill oreilly bittorrent blacklist blog bloggercode blogroll blueberry boardgamegeek boardgames bonjour book bookcrossing boot failure bootcamp borderline chaos bugmenot bush business card butter cabinetry caira caitlin california callsign candamir caroline carpet cat cateye cdrom celebration cellular phone century cfengine cheese chicken chico chimney chinese chipotle chocolate christmas chumby city bikes civilization cjd claire club club fed co op coconut coffee comfort food community computer concord congress conquest conservation consumer reports copyright costco crazybikerchick crepe crock pot cruftbox css csus curl currency custard cvntrak dagoba daniel goetz darwinports database datarescue date format death delicious monster democracy now Democrat demolition dessert dhcp dickens diff disaster discrimination discworld dishwasher disk mirror diskutil diskutility diskwarrior dixie belle dock doors downing street memo drm dryer drywall dtv dump ed burke eff eggs eject election electric car electric truck electrical electricity elvgren emacs email energy efficiency eric meyer esr etext euthanasia facebook family faq faux news fcc feed feedreader fence finder firefox fireworks first4internet first amendment fishmeal flash flickr flooring fondue foreign exchange foundation fox and goose framing freebsd freedback freetds fsck fundraiser fyq garage garden geek geotag geourl ginger gnutar go gonuls google google earth google maps gpl gracenote graywater greek green group concat gtd gunthers gutters gwbush gymnastics hacking halloween ham ham radio handspring hardwood harry potter headmeta heimdal high speed photograph high tech inv hoax hobbies hobby hodgins holiday holly home power magazine horcrux houseblogs how to html humor hvac ilovejackdaniels imac impeach init inspection insulation intel internet iostat ipod ipodder iq iraq isight iso itunes ivins iwantsandy java city javascript jean reno jet lag joint chiefs joseph jott journalized blue judges cup juliette binoche kctc kerberos khs kimkerry kitchen kyocera la salles la times labor landscape laundry law leatherbys legal lego leopard lhc liberal library linkedin ljurban lodi logic logo lungren lynx maaloufs mac macaroni macbook mafc mailinator make.conf malware map marin markdown martin yan mason media media clip media reform meetup metric mexican microsoft mike comfort military milonic mindstorms mlk model railroading modoc hall monterey morning sedition motorcycle movie moving mssql munchkin murray mushroom music mynetflix mysql n3jim nagios naked lounge nerd score netflix network new urbanism new year New Yorker nofollow nut nutella oatmeal obama obcz occidental occupation omni openssl oracle organic osx owp paint pair palast palm panasonic parallels party patch peak adventures peak oil pear pedestrian village perl petaluma php ping pingback pingomatic pingomation pingqueue pirate pl sql planet bike plasma playroom entertainment plugin plugin:preview theme plugin:text control plugin:ultimate tag warrior plumbing podcast podsite politics portaudit portmaster ports portupgrade postfix potato powerbook Pozsars printer programming project gutenberg pryde punk puzzle qiana qrz quilt quilt shop quiz quote r5 records racism radio RAID railroad recent comments recipe redalt remodel repairmirror resaurant resolution restaurant restore review richmond rio americano robotics roger niello ron montana roof rootkit rss sacbee sacog sacramento sacramento spotlight magazine salad samba san francisco sandwich santa cruz scam scandal school days scplugin screen security session report shakespeare shuffle sigma siriradha sitemap slim jim snl snopes social social network software soma somafab sonicchicken sonicchicken blog sony spam spam karma spellcheck spinach spinner spirit spoiler etiquette spring hill cheese sql sqlserver stairs standards statcounter stephen king stop loss stucco stunt subversion sudo sudoku superbowl superhero supreme court sushi svn sysadmin tacoma tags plugin takara technology telephone television template terms and conditions textcontrol thai kitchen thanksgiving the well seasoned wok theater theme theme:borderline chaos theme:elvgren theme:elvgren wordpress google code theme:fluid blue theme:fullwidth theme:head theme:journalized theme:journalized blue theme:psycho theme:redoable theme:sharepoint like theme:simple green theme:spirit theme:steam theme:wuhan theme:yadda theme switcher thomas tigris euphrates tile tinfoil hat toc tofu tower theater training transit transit oriented development tribute u haul uneasy rhetoric university village unix ad notes ups van zant veal veterans day video vie viking hobby vote smart w3c wall warboss washer washington post weather web web developer web server wikipedia windows windows server 2003 wishlist woodworking wordpress workplace wpblacklist wpgatekeeper wsj xserve yaaarr yard

Blogroll

Recent Entries