{"title":"基于PfSense的基于签名的Suricata网络打印机攻击防范","authors":"Fajar Subkhi Sulaiman, H. Seta, Noor Falih","doi":"10.1109/ICIMCIS53775.2021.9699133","DOIUrl":null,"url":null,"abstract":"In late 2018, more than 50,000 network printers were exposed to a cyberattack that forced them to print spam messages. Were the spam message turned into a message for large-scale political activities, it can cause a major problem. Based on this, two problem arises, namely what is the impact of hacked printers. Can a hacked network printer inflict major damage on the surrounding? Secondly, whether a combination of a firewall with Suricata intrusion detection system (IDS) and intrusion prevention system (IPS) can prevent printer hacking. This research only discusses transmission control protocol (TCP) communication packets, access restriction using pfSense firewall along with Suricata, and printer model Canon imageRunner ADV-4025 as the test printer. The offered solution is to separate the network into two-part and put a firewall in between two networks, and configure the firewall along with Suricata so that the firewall can detect malicious packets. The output obtained is a system that can limit access and perform packet filters from computers on a different network to a printer, which can increase service availability, information confidentiality, and data integrity on printers.","PeriodicalId":250460,"journal":{"name":"2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS","volume":"93 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Exploitation Prevention on Network Printer with Signature-Based Suricata on PfSense\",\"authors\":\"Fajar Subkhi Sulaiman, H. Seta, Noor Falih\",\"doi\":\"10.1109/ICIMCIS53775.2021.9699133\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In late 2018, more than 50,000 network printers were exposed to a cyberattack that forced them to print spam messages. Were the spam message turned into a message for large-scale political activities, it can cause a major problem. Based on this, two problem arises, namely what is the impact of hacked printers. Can a hacked network printer inflict major damage on the surrounding? Secondly, whether a combination of a firewall with Suricata intrusion detection system (IDS) and intrusion prevention system (IPS) can prevent printer hacking. This research only discusses transmission control protocol (TCP) communication packets, access restriction using pfSense firewall along with Suricata, and printer model Canon imageRunner ADV-4025 as the test printer. The offered solution is to separate the network into two-part and put a firewall in between two networks, and configure the firewall along with Suricata so that the firewall can detect malicious packets. The output obtained is a system that can limit access and perform packet filters from computers on a different network to a printer, which can increase service availability, information confidentiality, and data integrity on printers.\",\"PeriodicalId\":250460,\"journal\":{\"name\":\"2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS\",\"volume\":\"93 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIMCIS53775.2021.9699133\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIMCIS53775.2021.9699133","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Exploitation Prevention on Network Printer with Signature-Based Suricata on PfSense
In late 2018, more than 50,000 network printers were exposed to a cyberattack that forced them to print spam messages. Were the spam message turned into a message for large-scale political activities, it can cause a major problem. Based on this, two problem arises, namely what is the impact of hacked printers. Can a hacked network printer inflict major damage on the surrounding? Secondly, whether a combination of a firewall with Suricata intrusion detection system (IDS) and intrusion prevention system (IPS) can prevent printer hacking. This research only discusses transmission control protocol (TCP) communication packets, access restriction using pfSense firewall along with Suricata, and printer model Canon imageRunner ADV-4025 as the test printer. The offered solution is to separate the network into two-part and put a firewall in between two networks, and configure the firewall along with Suricata so that the firewall can detect malicious packets. The output obtained is a system that can limit access and perform packet filters from computers on a different network to a printer, which can increase service availability, information confidentiality, and data integrity on printers.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
