[PLUG] Encrypting LPR data
Keith Lofstrom
keithl at kl-ic.com
Thu Apr 7 07:03:01 UTC 2005
Many of you may have heard about the "3 minute WEP hack" that has
rendered WEP wireless networks completely insecure. I thought to
myself "but all my internal network traffic is ssh encrypted, so it
doesn't matter". However, not all traffic is. All my printers are
on the ethernet, and they all are talking LPR protocol, which is
unencrypted. Anyone tapping into my network could watch the print
files go by and extract whatever secrets they contain.
Now I could send all printer traffic down encrypted VPN tunnels to the
server, and put the printers on a separate net connected only to the
server. That should be secure against all but a physical tap on the
separate printer network. However, this is pretty damned inconvenient,
given that the printers are scattered around. I would have to run two
sets of network cables, or have Yet Another Device that unVPN's each
individual printer's connection. It also means I lose printing when
the server is down.
Any other ideas? I guess if my physical network is penetrated, I am
Owned anyway. Time to upgrade the security alarm ...
Keith
--
Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
More information about the PLUG
mailing list