Hacker News new | ask | show | jobs
by trapexit 3482 days ago
Major enterprise vulnerability scanner author here (15 years ago). Yes, we scanned the port, and yes, we ran a lot of fingerprinting rules against it until we figured out what it was (or ran out of rules), so that we'd know what vulnerabilities to test for.

This had some amusing side effects when we encountered some services we'd never seen before, like the port on HP printers that sends every byte straight to print... apparently expecting PCL or PostScript but if it didn't understand it, it just printed the ASCII. Came into the office one morning to find all printers out of paper and 500 sheets sitting in the output tray. Oops.
2 comments
jrochkind1 3482 days ago
It worked, you found a vulnerability.
link
pc86 3482 days ago
> the port on HP printers that sends every byte straight to print

That seems like a design flaw. :)

link
woliveirajr 3482 days ago
I remember my first epson dot matrix receiving data from my z80.

Print a graphic was done by sending exactly every dot to it, I mean, 1 to put a dot on the paper, 0 to blank. Encoded as a byte...

link
AnimalMuppet 3482 days ago
At a minimum, it seems like a way to DOS an HP printer...
link
caf 3482 days ago
Now that's "Resource Exhaustion".
link
AnimalMuppet 3482 days ago
And not just the paper. You might be able to DOS the ink as well.
link
jacobush 3481 days ago
If we are going there, toner
link