
Open IPP Report – Exposed Printer Devices on the Internet - exanimo_sai
https://www.shadowserver.org/news/open-ipp-report-exposed-printer-devices-on-the-internet/
======
yumraj
Curious, if they are doing a scan, can/should they not, in public interest,
also print a page notifying, if possible in the local language else a page
with multiple languages, that the printer should be secured.

~~~
Shared404
It seems like that would wind up causing more trouble than it's worth. While
you or I may appreciate that, Joe McConsumer is just going to freak out.

In addition, it seems like that could wind up generating ill will towards the
foundation ("They're wasting all of our $materials").

------
blakesterz
"We scan by sending an IPP Get-Printer-Attributes request to TCP port 631. We
started regular scanning of all 4 billion routable IPv4 addresses on the 5th
of June 2020 and added Open IPP reporting as part of our daily public benefit
remediation network reports on the 8th of June 2020. Our IPP scans uncover
around 80,000 open devices (printers) per day."

That number is lower than I thought it might be. For some reason South Korea
has about 36k of that 80k. I don't see any guesses as to why on the report
page.

------
nix23
When i found a open printer (by accident) i printed a nice letter on it that
they should put the printer behind a firewall or at least into a private
network.

~~~
crest
White on black, 999 copies just to make sure?

~~~
nix23
To be honest i had to think about it..but no, would be a waste of resources,
but i chose Comic Sans and a light gray Matrix-Code background...it looked
really Blackhat'ish ;)

------
l0b0
Is there a Have I Been Pwned-like service for such reports? Scanning their own
network for such services would be beyond most users.

~~~
mike_d
I have been scanning the internet for years and finally got around to building
a web UI for the data. One of the features will be a clear "action items" list
for securing your network based on results. I'll be posting a Show HN soon,
but if you'd like early access shoot me an email.

------
beamatronic
Do these get opened by UPnP?

