HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario descargar pdf (Pagina 97)

solutions. Support for the IPX/SPX protocol stack has been removed in many of the new HP Future

Smart devices. Because of the direct linkage to IPX/SPX, support for the RCFG protocol has been

dropped as well. IPSC policy editor constraints tie the two protocols together for this reason.

RCFG is enabled by default on the devices that still support this protocol. RCFG does not support

encrypted communications or authentication and therefore is not considered a secure protocol. RCFG

was not used for Direct-Mode (peer-to-peer) printing. RCFG was used to remotely configure the

Jetdirect print server queues, but could also be used to configure protocols and restart the IPX stack.

RCFG should be disabled along with the IPX/SPX stack if not required in the print environment. At the

minimum, RCFG should still be disabled if IPX/SPX is required in the environment.

Telnet

Telnet is a configuration and information protocol that allows you to configure a device from a

console directly on the device.

The Telnet protocol is used as a communication facility to allow a standard method of interfacing

terminal devices or processes. It’s well-known port is Port 23. In the context of Jetdirect, Telnet is

used for setting or displaying configuration parameters. Jetdirect products have included a Telnet

configuration option for a number of years. Although the Web UI may be the configuration method

of choice, some customers appreciate the availability of Telnet when browsers are unavailable or the

embedded web interface is not accepting connections. Jetdirect configuration items available through

Telnet range from Admin password assignment to many of the printing and discovery protocol

settings. Telnet only listens for one session at a time. Other Telnet clients cannot see any Telnet

menus until their sessions are accepted. The Telnet session can be terminated at any time by either

side of the connection. Parameters are not saved if the Telnet session is lost before the user exits from

the Telnet main menu. Telnet is sometimes used to easily test TCP/IP connections. Printing is also

possible through Telnet by opening up a session using Port 9100, then entering the data to be

printed.

Enabled Telnet obviously poses a serious security risk in any print environment. Although a Telnet

connection may be protected by an administrator password, Telnet connections are not secure. Telnet

data is transferred over the network in a clear text, unsecured fashion. Once able to establish a Telnet

session, a hacker would almost have complete access to the printer’s configuration. Latest reports

have shown that hackers appear to be using the telnet remote access protocol approximately 10% of

the time to attack corporate servers over mobile networks. Fairly significant statistics considering

Telnet is ~40 years old. Due to these Telnet related vulnerabilities, it is becoming increasingly

common to see Secure Shell (SSH) replacing Telnet access methods. It is recommended to disable

telnet and use a more secure method to configure HP devices. If telnet is required to transport data, it

is recommended that an encrypted Telnet solution be deployed.

1 2 ... 92 93 94 95 96 97 98 99 100 101 102 ... 115 116

Sin comentarios

HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario Pagina 97