In message <532F60DD.3030302@foobar.org>, Nick Hilliard writes:
On 23/03/2014 21:02, Mark Andrews wrote:
Actually all you have stated in that printer vendors need to clean up their act and not that one shouldn't expect to be able to expose a printer to the world. It isn't hard to do this correctly.
perish the thought - and I look forward to the day that vendors write secure software which is impregnable to all vulnerabilities past and present. When that happens, I'll cast away my default deny configurations and advise other people to do the same.
And there you go putting stricter requirements on printers that you don't put on laptop, servers. None of us would put any machines on the net if they had to meet your printer's requirements.
Until then, though, I hope you understand why I suggest that default deny is no less sensible a precaution than locking the front door in a busy city.
Nick
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org