Time
2 hours 52 minutes
Difficulty
Intermediate
CEU/CPE
3

Video Transcription

00:00
Welcome back to Printing Security Intermediate Course. In this lesson, I'm going to talk about protection against printer protects so specifics regarding just this kind of protection.
00:11
So, um,
00:13
I all the default security measures can protect against the print job attack. But there are some other things that you need to know regarding print jobs attacks. Because they are at the sneakiest of the text.
00:28
They are using the
00:31
building
00:33
main building the future of the printing device, which is to print So the in order for the rights to print you are supposed to send the print job there. And if you medals with the print job,
00:45
it's almost impossible to detect that the meddling happened, so you need to be protected. So after care, in case of that, the attack is usually requires fully hardware reset of the device may be changing off hard drive
01:02
so it can be costly. It also requires for somebody to go directly to the device to have a physical touch on it.
01:08
And, uh,
01:11
what is important is that there are different kinds off damage and risks coming from PCL Attacks, P jail attacks and PostScript index, and usually these things that get combined.
01:25
So the first thing you need to do because if you remember, postscript is the most dangerous thing in the printing world because it's a fully
01:34
capable of programming language.
01:37
So if if if if you don't need it. And most of big companies simply don't use postscript. Everybody's using PCL drivers because there are much more adopted to use for office printing, which is what everybody needs. So if you don't have specialized graphics department in the
01:53
in the company that actually requires postscript just the regular marketing people, for example, they are quite a cave in PCL.
02:05
So if it's possible in otherwise disabled,
02:08
if it's not possible to disable postscript, for example on them some older devices, you didn't have the capability to disable. PostScript. But you have the capability to tell the device that default printing language is PCL.
02:24
So whatever comes from,
02:28
um,
02:30
any kind off
02:34
bring the PC or server.
02:37
If it's not people BCL, it gets disregarded or you just the garbage gets printed, but postscript interpreter is not turned down, so this is capable on older devices. On your device is what you can do is disable postscript access to hard drive or limited or
02:57
had the passwords for
02:58
for debt.
03:00
Then what you can do is to set printing allowed only from server,
03:05
and in that case, on the server, you have only PCL installed. So if something is coming from any other source, like any dire PC, because you can send if you know the I P address of the printer, you can send the print job, be using command prompt and copy command directly to the court.
03:25
So if the printer is not
03:28
interested in in anything coming from any PC except except it's is if it's a server. So Windows Sarah,
03:35
then yours pretty much safe so that any print job that can be malicious and will sent from somewhere else will be disregarded.
03:46
But the West way to protect yourself from
03:49
ah fringe of the text
03:52
is toe introduce a curable printing within to end encryption so that in that case,
03:59
bring job is generated on
04:01
PC.
04:02
It's sent to the server on server. It will sorry on the PC. It is already encrypted. Then it cento server on the server. It's decrypted. Rendering is done than the print job is again encrypted and then to send to printer,
04:18
which uses Adan or up up inside the printer, which is
04:24
extra installed. So it's not usually another thing that you have by default imprinting devices,
04:30
and it's decrypted again and then printed.
04:34
And in that case, the printer will not accept unencrypted print jobs.
04:40
Which is really cool, because in that situation, the only way to stand the print job is through standard, well defined the path and no malicious print job can be generated in that case, so you're pretty much safe.
04:57
So this is all about printer but X. Let's do a short tow. No trick,
05:00
I'm lending. Check eso What PD l can do most damage with fringe of attacks. The possible answers are postscript. PCL Excel because it's the most violent video or PCL five, because it uses escape sequences. Of course,
05:15
if you remember, everything that I was talking about so far is the postscript. Postscript is D most dangerous type of print job.
05:29
In this lesson, I have been talking about specifics in protecting your print device against fringe of attacks and in next lesson, I'm going to talk about protecting the print device against the possibility off militias for upgrade

Up Next

Intermediate Printing Security

The Intermediate Printing Security course is intended for IT and cybersecurity professionals that want to learn how to secure print devices.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor