Embedded Files
Linux printer is quite open for attack when not protected properly. However, the attack can sometimes be nuisance when someone tries to spam the printer ports on your system. This section guides you on how to secure Debian by securing the printer.
Identified Threats
Identified Threats
These are the identified threats related to Debian Software.
(T-78) lpr Or lp Printer Dameon May Be Used to Handle Printing
(T-78) lpr Or lp Printer Dameon May Be Used to Handle Printing
In some builds, Debian is using the old printer services like Ipr or Ip.
(T-79) Anyone Can Print to CUPS Printer Daemon By Default
(T-79) Anyone Can Print to CUPS Printer Daemon By Default
By default, CUPS is configured to be both localized and remote printing.
(T-80) CUPS Is Not Operating Using SSL/TLS For Network Communications
(T-80) CUPS Is Not Operating Using SSL/TLS For Network Communications
By default, CUPS is not operating using SSL/TLS certificate.
Actions Required
Actions Required
Here are the list if actions to counter the issues.
Uninstall Ips and Ip Printer Daemon
Uninstall Ips and Ip Printer Daemon
As of to-date, it's best to use CUPS printer service over the other 2 due to its simplicity and controls.
Configure CUPS to Listen Localhost Only
Configure CUPS to Listen Localhost Only
Unless it is a network printer server, you should configure CUPS to listen only to localhost.
Configure CUPS to use SSL/TLS
Configure CUPS to use SSL/TLS
When using CUPS as a network printer server, you should enables it to use SSL/TLS for network communications.
That's all for hardening Debian by hardening printer.
Page updated
Google Sites
Report abuse