Is it behind a firewall ? That's the first thing. If your firewall can be figured to block outbound connections from this machine on the minimum number of ports it needs to do it's job that's better.
I'd be afraid of Savin's remote administration. Worst case all the Savin machines in the world have the same userID/password [1] and it's root/root. The machine may want to phone home periodically for maintenance, supplies, and updates and an ex-savin employee could do all sorts of things.
I'd use the firewall to log all outgoing connections and see what the machine was doing.
[1] At a security conference it was reported that a major brand card key access system was controlled with a PC running SCO Unix, the source code for the application was on the machine with the names of all the other customers of that type machine in the code as conditionals and the admin userID and password was obvious and the same for all other customers. And all the systems had a dialup modems that allowed incomming connections.
An office for which I consult just purchased a Savin 4045sp copier/scanner/printer. I would normally handle any computer-related purchases, but since this was "just a copier," I didn't hear about it until the deal was completed. The more I see of its specs, the more the Savin looks like an Internet-capable computer with potentially serious security issues.
Besides being able to serve as a network printer, it has a 20 GB hard drive, and can connect to the Internet to upload its own "scan and send" emails. The salesman convinced the office manager that there would be no problem connecting the device to the current network, since he would provide a wireless network access point that would simply plug into our 10-100 switch. Confirming my worst fears, the Savin manual says that the 4045sp uses the obsolete WEP encryption for its wireless connection.
I think that I can prevail against the wireless option, but not against using the Savin as a network printer. That "scan and send" feature really bothers me. It means that a device running software that I have not installed and do not understand could upload confidential client files to the Internet as email attachments. If I connect the Savin to the Internet, can it be hacked? I don't normally have to worry about shielding the server from access by its network printers, but in this case maybe I should.
Next, the microwave will be demanding its own static IP.
Depending on how tight-ass your company is about records privacy (ie HIPPA regs for medical info or company info considered sensative/competative) I'd give a senior business exec a heads-up for a business risk assesment. This kind of equipment wouldn't be allowed in the door in the last big company I worked for.
I assume the Savin can print a report of all FAX activity. In a high security environemnt that log would be compared to the SMTP log.
If you're not already behind a firewall, you should be. That means you don't have to allow outbound directly from the copier - you can have it relay through your internal SMTP server, and that means you can save a copy of all outbound email messages.
These copiers are not a serious threat - they are simple devices. Have the copier people provide training and also have them provide a means to only send documents to the internal users email boxes - this prevents company documents from leaving the copier and going directly to customers.
As I have read from other posts before mine, I agree... This device is not a serious threat (under normal/default conditions)... obviously, change the password as suggested above and make sure it is something unique to your network (no other host shares the same PW)...
also, by default, Internet e-mail connectivity usually relies on the local environment (e.g. your internal SMTP server or the server out on your ISP)... someone needs to key this data into the device and it is doubtful your client knows the required info, nor do they know how to get it (from any other souce than you)...
do not permit any inbound traffic to target the device unless it is a must and you have evaluated and approved of the connection... In most cases I have been privy to, a direct connection from the Internet to a printing device is rarely if ever necessary...
Wireless really shouldn't be a big deal either... just run a cable from the printer to your switch... I would not rely on a wireless connection for printing or scanning if I could avoid it... but even if you did permit it, the harm potential can be managed pretty well. It will only be transmitting print data anyhow... no passwords or user IDs should be getting sent to the printer unless you require such data to be provided (which is overkill in my opinion)...
Scanning could be a problem in a wireless environment if the data is being sent to an internal server instead of the printer's local drive... because in this case a username and password will be necessary unless you set up an anonymous share on your server... still, not a big deal in most cases (unless it is the photocopier being used in the Michael Jackson case)... etc. etc.
hope (at least) some of that made sense.
More than happy to clarify my comments if requested.
Thanks very much for the very good, quick response.
Well, sure. I suppose that I would feel a bit better if I knew that the Savin OS was some flavor of 'nix. The fileserver runs Samba on RedHat 9. Firewall is a Smoothwall box, plus ZA Pro on all clients. Clients are mixed 98SE and XP Pro.
It's all behind a Smoothwall box. I'll try to block the Savin NIC IP with Smoothwall.
Well, there's a cheerful note. I'm sure you are right, thanks for the warning. I'll see about resetting that password when the Savin arrives tomorrow. As for phoning home, I would prefer to keep that thing entirely off the Internet. If it insists on phoning home, I'll see if it can get by on a couple of minutes per month over a dial-up connection. No broadband for the copier.
"TomC" wrote in news:xeC6e.3363$ snipped-for-privacy@news01.roc.ny:
Irony meter pegged.
"Sorry, we can't provide those 500 copies you need for your presentation, sir. The copier got hacked and won't print anything but pictures of somebody's butt."
I know it's not a laughing matter but at some point, you just have to.
The documents being printed in many cases contain information that should remain confidential. Even if the wireless access point could be blocked from accessing the rest of the network, the risk that the print jobs themselves might be intercepted was just not acceptable. Fortunately it was not necessary, as the Savin has a configurable 10-100 NIC, and by some miracle the numbered RJ-45 jack in the copier room turned out to actually be connected to the same-number jack on the server-room jack panel, so, no wireless needed.
I hope to make sure that it does not become necessary. What an annoyance. Savin's engineers must have worked long and hard to provide the email functionality that actually reduces their product's value to me.
Well it would get my ass fired, and I'd be the butt of many jokes, and it's cheeky of you to suggest it, etc. Actually if I were about 14 I'd probably be trying very hard to figure out how to do something exactly like that.
You could try staging something similar just as a demonstration. Clear it with your supervisor(s) and explain that it is security training for the employees. It might make maintaining security less of a problem if they can see firsthand that events like the above scenario are possible and do happen in real life.
Maybe I am still a little lost, or (if so, I apologize) I breezed through your message so many times that I am now overlooking something (sounds ludicrous, I know, but it happens to me all the time "Freaking ADHD!!! haha)
at any rate... does the Savin NEED to connect to the Internet in order to work?? So long as it doesn't get a default gateway, how will it get there... even if it does, just block its access from your firewall...
also, even if the thing is using WEP... how likely is it that someone is frequency scanning and hacking your network? Not trying to make light here, you may very well work in an envirment w/ such a risk, but most "typical" environments don't suffer such hazards...
I have a lot of other thoughts on this matter since I have set MANY copier/printer/scanner etc. devices up, I feel that I might be able to be of some assistance here...
what model SAVIN w/ what management card and software?
The hard drive is in many cases a convenience item... caching, scan to storage for frequently printed docs (sparing the need for a mail room full of copied forms), print to HDD for storage so a passcode must be typed at the console from the person who printed it (this is used in community printing environments where sensitive docs are printed but you only want the originator of the doc to be able to retrieve it)...
sorry about the run on sentences and thoughts here.. post back and I will try to focus better on my next response..
Actually I'm not at all sure that the scenario IS possible. I posted the question because I wanted help in evaluating the risk. I'm still sorting that out, but I will not enable the "scan and send" email feature, and I've blocked the Savin from accessing our broadband.
It's a Savin 4045ESP, but it prints config pages saying it is a Ricoh Aficio
2045e. I don't have the card/software info here.
Great, then I have a question. I should be able to keep the Savin off our broadband by blocking its IP, giving it an incorrect gateway, etc. However, it also serves as a fax, so it has its own phone line and modem. Can the software/firmware in this thing be rewritten remotely over a phone line?
OK, maybe I am being a bit paranoid here, but I'm still curious.
Oops! Sorry about getting off topic there. I used to work for a small company that required almost daily application of the cluebat to the owners. Your situation just reminded me too much of the messes that I had to put up with, and I slipped right back into character reading these posts.
It looks like keeping a close watch on the packets is about all you can do for now. Blocking broadband access was a good move.
certainly, the software COULD be written that way, but I would doubt it... so let me get this straight though. Are you more concerned about the device dialing out by default, or just being susceptible to malicious dial ins?
yes, I believe you are being a bit paraniod... but my mind works the same way. Potential risk vs. reasonable risk sit on opposite ends of the spectrum on this one though (in my opinion).
my apologies if my thought process or sentence structure is lacking... I have been engaged in a rather lengthy lecture w/ my friend Budweiser for the past few hours.... haha
Those nice young men in their clean white shirts will be coming for me soon, but until they arrive...
Just show me an evaluation from a team of security experts who say that this thing can't be hacked from a phone or a LAN Internet connection, and I will learn to love its "features". I suspect, however, that the Ricoh Sales Department called down to engineering with their "scan and send" brainstorm, and the job was assigned to Young Engineer Kim, his first job out of college, and he cobbled something together that met the Sales Dept. specs without giving any thought at all to security, which he knows and cares nothing about anyway. After all, doesn't that describe Microsoft's approach to software design until a few years ago? Why would I presume that a copier company would do better? The Savin is probably low risk, but "scan and send" is in our case a negligible benefit. It's not the end of the world, I just don't like it.
damn.... reviewing this thread tonight I see the post I THOUGHT I posted the other night wasn't posted...
ho hum... since my liver has just assigned a full class A subnet to processing the Jack Daniel's in my body I suspect my response may be less than adequate...
In reality, if you are truly being reasonable with your concerns and have truly evaluated every other piece of communication capable equipment in your office, I submit this:
Yes, any device that has been programmed with proprietary (or at least, non public) code, you are at risk... possibly your old thermal paper fax 10 years ago was forwarding every transmission to some party unbeknownced (sp?) to you... it is the inherent risk you take when you permit such devices into your domain (logical domain, not just M$ domain)...
If you employed some high tech company to analyze your environment, the reasonable doubt could still exist that they were in bed with some big brother who is monitoring every piece of data you are transmitting...
who's to say the gov't doesn't require every telephony or Internet capable device to connect to some network that all phone bills wont log or firewalls wont track... it is certainly possilbe... it is even possible that all (commercial) packet analyzing software would ignore any data being sent back to "home base"... mind you, I do not intend to imply such a conspiracy theory is accurate, just possible.
again, like I (believe) I have submitted before; I have no idea how much time and effort you have invested into the security of your network, but I suspect your concerns about the savin copier may be a bit unreasonable (yet, yes, possible)...
If you truly want to secure the data on your network from any prying eyes (on your side)... I think you will need to hand deliver all of your data via paper, CD or otherwise to your intended parties (and then, who's to say their network wont be susceptible to the exact same risks yours is?
I am truly not trying to mock your concerns, because I truly do believe them to be founded... but the boundary between information security and ability to conduct business with the casual public inherently poses certain dilemmas (sp?) such as the ones you just proposed... at what point are you prepared to accept the associated risks?
It's a Savin 4045ESP, but it prints config pages saying it is a Ricoh Aficio
2045e. I don't have the card/software info here.
Great, then I have a question. I should be able to keep the Savin off our broadband by blocking its IP, giving it an incorrect gateway, etc. However, it also serves as a fax, so it has its own phone line and modem. Can the software/firmware in this thing be rewritten remotely over a phone line?
OK, maybe I am being a bit paranoid here, but I'm still curious.
It's a Savin 4045ESP, but it prints config pages saying it is a Ricoh Aficio
2045e. I don't have the card/software info here.
Great, then I have a question. I should be able to keep the Savin off our broadband by blocking its IP, giving it an incorrect gateway, etc. However, it also serves as a fax, so it has its own phone line and modem. Can the software/firmware in this thing be rewritten remotely over a phone line?
OK, maybe I am being a bit paranoid here, but I'm still curious.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.