Curious, if they are doing a scan, can/should they not, in public interest, also print a page notifying, if possible in the local language else a page with multiple languages, that the printer should be secured.
"We scan by sending an IPP Get-Printer-Attributes request to TCP port 631. We started regular scanning of all 4 billion routable IPv4 addresses on the 5th of June 2020 and added Open IPP reporting as part of our daily public benefit remediation network reports on the 8th of June 2020. Our IPP scans uncover around 80,000 open devices (printers) per day."
That number is lower than I thought it might be. For some reason South Korea has about 36k of that 80k. I don't see any guesses as to why on the report page.
When i found a open printer (by accident) i printed a nice letter on it that they should put the printer behind a firewall or at least into a private network.
To be honest i had to think about it..but no, would be a waste of resources, but i chose Comic Sans and a light gray Matrix-Code background...it looked really Blackhat'ish ;)
I have been scanning the internet for years and finally got around to building a web UI for the data. One of the features will be a clear "action items" list for securing your network based on results. I'll be posting a Show HN soon, but if you'd like early access shoot me an email.
