Sign in with
Sign up | Sign in
Your question

Strange printer in add hardware

Last response: in Computer Peripherals
Share
November 29, 2010 11:22:16 PM

I have a Xerox proscanner workstation in my add hardware under imaging. It cannot be removed and cannot add my Canon printer as it wanted to erae the CD to do so. Canon works fine and is in device manager and printers and scanners for a few days and then the Xerox kicks it out. I have to reinstall the Canon device with a download of it I have in downloads and then works fine again for awhile.

I think the VN and Chinese might have a bug in their built Canon and HP multifunction printers. It will allow them to read your computer when you on line and using the printer.

Guru computer security tech sent the following to me and request any thoughts on this subject.

Quote

I searched US-CERT (the Homeland Security Website) and discovered in 2008 there were problems with multiple
Canon Printers. I'm not sure how old yours is. Here is the scoop on the 2008 Canon problem:

++++++++++++++++++++++++++++++++++++US-CERT+++++++++++++++++++++++++++++++
Canon -- imagePRESS
Canon -- i-SENSYS
Canon -- imageRUNNER
The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS,
allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.




unknown

2008-02-28
6.4 CVE-2008-0303
OTHER-REF
OTHER-REF
CERT-VN

The basic problem with Multi-function printers. Especially those made in China or Vietnam is they are an ideal
place to install remote internet routines. The multifunction printer has a send/receive function that allows it to contact the
Internet independantly of the PC itself. (When you install the printer software your Internet Security Program makes
it either Low Restricted or "Trusted") A "trusted" application or device is an easy end-around for your installed security system
and firewall. We have to remember the Chinese and Vietnamese are good friends. (still) They would like nothing better than to sock it to the U.S. Cyberwise. The sad part of this is the Canon and HP people are participants by default.

My neighbor across the street has a 2006 HP multi-function printer. HP has issued at least three revisions of the software!
It raises holy heck with his Dell PC and reinstalls itself as a phantom device in printers and devices folder in the Control Panel.
After that, it won't print unless you correct the problem.
We've tamed it a bit by re-installing it three different times with updated software from HP... (A long process)
I believe HP is still working on this problem. They just issued another software release for 2010 for this 2006
multi-purpose printer that my neighbor loves to use. HP has a vested interest in keeping it running, so they don't really
admit that China threw them a curve in making this thing. But you can imagine any company updating the software for
a cheap $150.00 printer is having problems. (That's a 4 year old "throw-away" device). The inkjet cartridges are expensive,
last only 3 or 4 months and you have to change two cartridges when the ink runs low. (additional reasons to ditch it)

The real problem arises when he accesses the Internet with the Printer powered on. I had his wife trained so she didn't power it
on except when the Internet connection with his PC is disabled. The printer/scanner can't call back to China
or wherever it gets instructions... and it remains a viable functioning hardware device for scanning, printing or whatever.
The very day, hour, minute the Internet is accessed with this printer powered on it gives problems (goes haywire).

You might not like these suggestions, here is what I would do for starters:

Control your access to the Internet in 2 ways.

1. install an on/off switch between the PC and your Internet Modem. This will disable remote interference from the
Internet when you are performing maintenance and local printing scanning tasks.
Our local electronics distributor has an AB switch which works great for this type of application.
I wired it A to the Internet and B is open...no connection. (John Tyreman
came up with this idea and several of my neighbors are using this "disconnect" to effectively control Internet access.)

2. Create an Internet "User class profile" with limited rights to modify your PC or access the registry! Using the
Administration class user to access the Internet is playing Chinese Roulette (pun intended). I set up every PC these
days, even with Windows 7, with two user classes. One for surfing or exposure to the everyday big bad Internet and one
for Maintenance purposes only. (Admin User) This keeps malware encountered during Internet excursions from modifying
your PC registry and Windows applications. I have another neighbor that has a Chinese HP computer with Windows
Vista. The only thing that saved his bacon was the Internet user class (restricted access).. He encountered a Script
routine on a Web site that modified his Firefox Browser. We had to delete the Internet User and reinstall Firefox,
with a new PC Internet user. If he had been using Admin class to access the Internet it would have involved a total reload of
software. The November PC world has a dynamite article on how they trashed a new Windows Vista
machine by doing normal Internet "risky tasks" It would not even boot after their experiment. (4 hours of use, brand new PC)

3. Get a decent "well rated" Internet Security program. Mcafee used to be a good program, but I believe they have
fallen way down on the reliability list. Check it out anyway. I can research some alternatives for you.

4. Download, Install and use Ccleaner. It's been the #1 top download program on www.filehippo.com a trusted
download site for free and trial software. You will be surprised how much garbage a 3 year old PC collects.
Registry entries that are invalid because you have several new versions of Adobe Reader or Flash installed from updates.

5. Use an alternate Web Browser than "Internet Explorer". Mozilla Firefox is a good choice because of the multitude of
dynamite Security additions and plug-ins available to "Tell you where you are" on the Internet. No one should have the
excuse "I didn't know where I was on the Internet". Flagfox will tell you where you are located by displaying a "Flag"
of the country of Origin where the server is located on the Web site you are at.
install these other plug-ins additions: WOT (Web of Trust), No Script, Adblock Plus, Better privacy, Ghostery...
This basic group will make Firefox a valid Web browser. (It's reported that up to 20% of Web sites located on Google
are infected with Malicious "Script")

6. Religously update all your applications. Kaspersky Internet Security has a test called "Vulnerabilities" It checks the
version of Adobe Reader, Flash, Microsoft Office, and many other applications for outstanding security updates.
Most applications won't notify you personally that they are vulnerable. You have to keep up on that. My neighbor
with the Vista HP machine found out the hard way what happens when you surf the Internet without No Script installed
on Firefox and a year old version of Adobe Flash!! We couldn't uninstall it, sound familiar?? Deleting the Internet user
was the only way to get things corrected....Establish a new user and have a go at it again....(save all your files first)

I'm telling you these basic tasks because I've learned and observed the hard way. I reinstalled my XP software
on three separate occasions in 2009 after having encountered malware problems......You get curious after a while and
want to know how you can prevent these things. Spending 24 hours wiping a hard drive, formatting and reinstalling
the operating system and all your applications is a big job and not fun. I could reinstall Windows 7 on my new PC,
but I'm taking all the security precautions to ensure I don't have to.

Indicators are there if you have obtained enough Malware. The first one is that Mcafee, or whoever you use, will always
report your system is "clean"....The bad guys attack the Security programs first, before installing their malware. Indicators
are statements like "0" files checked, "0" malware discovered.... There are other comical variations on a theme but they
are becoming more sophisticated in hiding the evidence. Not being able to perform updates of your Internet Security Program
is another indicator. Most PC owners will download and renew their Internet Security Program to the latest version
on-line....Bad idea. If you have updated and kept the 2008 version of Mcafee and you received a malware attack back then..
You may still have the 2008 version if it has been disabled. I perform a yearly purchase of a boxed Internet Security program,
uninstall the old one before installing a new Virus check system from scratch with the Internet disabled.
Then run a system scan.

By the way, if you want some more information on Malware installed in hardware, look up the history on US-CERT of
Flash drives, Elctronic picture frames and the new one that scares me (yet to be reported) New flat screen TVs with
Internet access.
April 14, 2011 3:52:44 AM

Have you tried setting your printer as Untrusted and blocked on firewall HW and/or SW ?
Have you uninstalled printer software but not the driver ?
m
0
l
April 14, 2011 3:55:29 AM

Oh, you might want Seamonkey for best security, same ole' Netscape under new name, still Mozilla.
Firefox offers little in ways of security or customization. Not all websites support it because of that.
m
0
l
Anonymous
April 19, 2011 11:10:15 AM

This topic has been moved from the section Toms Network to section Computer Peripherals by Grumpy9117
m
0
l
!