Exploitation Prevention on Network Printer with Signature-Based Suricata on PfSense (original) (raw)

2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS, 2021

Abstract

In late 2018, more than 50,000 network printers were exposed to a cyberattack that forced them to print spam messages. Were the spam message turned into a message for large-scale political activities, it can cause a major problem. Based on this, two problem arises, namely what is the impact of hacked printers. Can a hacked network printer inflict major damage on the surrounding? Secondly, whether a combination of a firewall with Suricata intrusion detection system (IDS) and intrusion prevention system (IPS) can prevent printer hacking. This research only discusses transmission control protocol (TCP) communication packets, access restriction using pfSense firewall along with Suricata, and printer model Canon imageRunner ADV-4025 as the test printer. The offered solution is to separate the network into two-part and put a firewall in between two networks, and configure the firewall along with Suricata so that the firewall can detect malicious packets. The output obtained is a system that can limit access and perform packet filters from computers on a different network to a printer, which can increase service availability, information confidentiality, and data integrity on printers.

HENKI BAYU SETA hasn't uploaded this paper.

Let HENKI know you want this paper to be uploaded.

Ask for this paper to be uploaded.