Hi all,
Just curious to see if anyone's ever experienced an attack on or attempt to spoof their network printers?
If so, what sort of symptoms were you experiencing from a user and admin perspective? What kind of network symptoms were you experiencing? Were there other exploits involved in the attack (as a point of origin or subsequently)? How did you resolve the issue(s)/trace the origin (if you were able to do so)?
I have a reason for the questions but I'm truly as interested information from everyone's experiences as much as I am relative to my current situation.
Also, if anyone has specifically recognized TCP idle scans as an attempt to spoof network printers (or other network devices with predictable IPID randomization) I'd be interested in learning more about that if you're willing to share.
Thanks.
↧
Network Printer Spoofing
↧