Blog: Security SSL

HP printers are comonly detected in financial institution audits due to a vulnerable SSL version in use.  Many older models contain multiple vulnerabilities that cannot be fixed with firmware upgrades because the older printers are no longer supported.
 
Customers can use the HP WebJet Admin software to manage these printers through SNMP and disable the web server completely.  However make sure the SNMP community strings have been changed from the default "public" and "private".


 

This is sort of a follow up to a post about the Firefox addon Certificate Patrol.  The addon Perspectives also helps watch out for certificate related problems.  When you go to a secure web site, Perspectives can (with a click or automatically) check with several “notaries” scattered around the world and tell you whether they are getting the same certificate from that site as you are.  Read http://perspectives-project.org/ for more details.  Here is a link to the Firefox addon: https://addons.mozilla.org/en-US/firefox/addon/perspectives.  There is also an Alpha, very experimental Chrome addon https://chrome.google.com/webstore/detail/lnppfgdnjafeikakadfopejdpglpiahn.

This project is out of Carnegie Mellon University  The notary server is open source, so anyone can run their own servers.  By default, the plugin uses several servers that seem to be run by the Massachusetts Institute of Technology.