October is National Cyber Security Awareness Month, a great time to make sure your digital life is secure. IS&T is publishing security-related blog posts throughout the month: topics will range from phishing tips and tricks, to overviews of LastPass and CrashPlan. Read on and play it safe!
Occasionally on campus, printers have been found to spontaneously print pages of gibberish. This activity is most likely due to someone outside the Institute looking for vulnerabilities, such as open ports in equipment connected to the MIT network. Once found, these vulnerabilities can be exploited to do things like send spam email, download publications from libraries, and compromise other devices on the network.
Fortunately, taking a few simple precautions can usually prevent these hacks from happening. Protective measures include changing the printer’s default admin password, disabling unneeded services on the printer (such as FTP), and restricting access to the printer based on IP address.
For instructions on how to perform these tasks, see Network Printing Best Practices in the IS&T Knowledge Base.
If the problem persists, IS&T engineers can block all non-MIT IP addresses from accessing the printer in question. Community members who need to access the printer from off campus can do so by connecting to the MIT VPN (Virtual Private Network (VPN).
Printer owners can request that non-MIT IP addresses be blocked by sending an email to the Information Security Team at firstname.lastname@example.org. Be sure to include the printer's IP address or full hostname.