[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

Ira McDonald blueroofmusic at gmail.com
Fri Aug 14 18:04:03 UTC 2009


Hi Randy,

Yes - you got the threat right.

The second thread that I mentioned was, if the AAA network
service has been compromised, then a sound MFD could
be used by an attacker (with stolen credentials) to send
OTHER users document data out through PSTN Fax.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Chair - Linux Foundation Open Printing WG
Blue Roof Music/High North Inc
email: blueroofmusic at gmail.com
winter:
  579 Park Place  Saline, MI  48176
  734-944-0094
summer:
  PO Box 221  Grand Marais, MI 49839
  906-494-2434



On Fri, Aug 14, 2009 at 12:55 PM, Randy Turner<rturner at amalfisystems.com> wrote:
>
> So if an MFP (with PSTN fax capability) has been compromised, then someone
> could possibly re-vector confidential documents to be printed (or being
> scanned) and send these to some remote fax recipient over the PSTN fax
> feature.  Did I paraphrase the threat accurately?
>
> Thanks!!
> Randy
>
>
>
> On Aug 14, 2009, at 7:56 AM, Ira McDonald wrote:
>
>> Hi Randy,
>>
>> Not that I know of.
>>
>> In my previous experience with government agencies,
>> the primary concern about PSTN Fax was that it could be
>> used *from a compromised system or by a rogue walkup
>> user* to export documents and system configuration
>> information invisibly, i.e., w/out passing through a firewall
>> and w/out any chance of detection by smart routers
>> (ones with embedded firewalls).
>>
>> Cheers,
>> - Ira
>>
>> Ira McDonald (Musician / Software Architect)
>> Chair - Linux Foundation Open Printing WG
>> Blue Roof Music/High North Inc
>> email: blueroofmusic at gmail.com
>> winter:
>>  579 Park Place  Saline, MI  48176
>>  734-944-0094
>> summer:
>>  PO Box 221  Grand Marais, MI 49839
>>  906-494-2434
>>
>>
>>
>> On Thu, Aug 13, 2009 at 9:55 PM, Randy Turner<rturner at amalfisystems.com>
>> wrote:
>>>
>>> Are there any documents on the internet that you guys know about that
>>> describe existing attack vectors on PSTN/Analog Fax lines?
>>>
>>> Randy
>>>
>>>
>>> On Aug 13, 2009, at 6:44 PM, Ira McDonald wrote:
>>>
>>>> Hi Randy,
>>>>
>>>> It's not that we don't care about IFax.
>>>>
>>>> It's that all forms of Internet Fax have protocols and IP
>>>> ports that would be reported in HCD_Firewall_Setting.
>>>>
>>>> But many businesses and government agencies ALSO
>>>> want to close the "back door" of PSTN Fax.
>>>>
>>>> Cheers,
>>>> - Ira
>>>>
>>>> Ira McDonald (Musician / Software Architect)
>>>> Chair - Linux Foundation Open Printing WG
>>>> Blue Roof Music/High North Inc
>>>> email: blueroofmusic at gmail.com
>>>> winter:
>>>>  579 Park Place  Saline, MI  48176
>>>>  734-944-0094
>>>> summer:
>>>>  PO Box 221  Grand Marais, MI 49839
>>>>  906-494-2434
>>>>
>>>>
>>>>
>>>> On Thu, Aug 13, 2009 at 9:02 PM, Randy Turner<rturner at amalfisystems.com>
>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> When we came up with this attribute, we include PSTN in the name, which
>>>>> means we only care about PSTN fax, and not internet-fax options such as
>>>>> T.38
>>>>> or other fully capable iFax features.
>>>>> Did we mean to do this? We only care about PSTN? Which I assume to mean
>>>>> analog fax?
>>>>>
>>>>> Randy
>>>>>
>>>>>
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>>>
>>>>> _______________________________________________
>>>>> ids mailing list
>>>>> ids at pwg.org
>>>>> https://www.pwg.org/mailman/listinfo/ids
>>>>>
>>>>
>>>
>>>
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> _______________________________________________
> ids mailing list
> ids at pwg.org
> https://www.pwg.org/mailman/listinfo/ids
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the ids mailing list