[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

Randy Turner rturner at amalfisystems.com
Fri Aug 14 16:55:56 UTC 2009 

So if an MFP (with PSTN fax capability) has been compromised, then  
someone could possibly re-vector confidential documents to be printed  
(or being scanned) and send these to some remote fax recipient over  
the PSTN fax feature.  Did I paraphrase the threat accurately?

Thanks!!
Randy



On Aug 14, 2009, at 7:56 AM, Ira McDonald wrote:

> Hi Randy,
>
> Not that I know of.
>
> In my previous experience with government agencies,
> the primary concern about PSTN Fax was that it could be
> used *from a compromised system or by a rogue walkup
> user* to export documents and system configuration
> information invisibly, i.e., w/out passing through a firewall
> and w/out any chance of detection by smart routers
> (ones with embedded firewalls).
>
> Cheers,
> - Ira
>
> Ira McDonald (Musician / Software Architect)
> Chair - Linux Foundation Open Printing WG
> Blue Roof Music/High North Inc
> email: blueroofmusic at gmail.com
> winter:
>  579 Park Place  Saline, MI  48176
>  734-944-0094
> summer:
>  PO Box 221  Grand Marais, MI 49839
>  906-494-2434
>
>
>
> On Thu, Aug 13, 2009 at 9:55 PM, Randy Turner<rturner at amalfisystems.com 
> > wrote:
>>
>> Are there any documents on the internet that you guys know about that
>> describe existing attack vectors on PSTN/Analog Fax lines?
>>
>> Randy
>>
>>
>> On Aug 13, 2009, at 6:44 PM, Ira McDonald wrote:
>>
>>> Hi Randy,
>>>
>>> It's not that we don't care about IFax.
>>>
>>> It's that all forms of Internet Fax have protocols and IP
>>> ports that would be reported in HCD_Firewall_Setting.
>>>
>>> But many businesses and government agencies ALSO
>>> want to close the "back door" of PSTN Fax.
>>>
>>> Cheers,
>>> - Ira
>>>
>>> Ira McDonald (Musician / Software Architect)
>>> Chair - Linux Foundation Open Printing WG
>>> Blue Roof Music/High North Inc
>>> email: blueroofmusic at gmail.com
>>> winter:
>>>  579 Park Place  Saline, MI  48176
>>>  734-944-0094
>>> summer:
>>>  PO Box 221  Grand Marais, MI 49839
>>>  906-494-2434
>>>
>>>
>>>
>>> On Thu, Aug 13, 2009 at 9:02 PM, Randy Turner<rturner at amalfisystems.com 
>>> >
>>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> When we came up with this attribute, we include PSTN in the name,  
>>>> which
>>>> means we only care about PSTN fax, and not internet-fax options  
>>>> such as
>>>> T.38
>>>> or other fully capable iFax features.
>>>> Did we mean to do this? We only care about PSTN? Which I assume  
>>>> to mean
>>>> analog fax?
>>>>
>>>> Randy
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>> _______________________________________________
>>>> ids mailing list
>>>> ids at pwg.org
>>>> https://www.pwg.org/mailman/listinfo/ids
>>>>
>>>
>>
>>
>


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the ids mailing list