Hacked is absolutely not what has been done here.
You put an open access printer in a DMZ making it available to literally every person on the
internet to discover and print to it.
Xerox has no fault in this. All it takes to find printers on the Internet is to know what appears in your web browser when you hover over any link on a network printer web interface that isn't the IP address.
So say that your IP on the printer is 10.1.1.10, you go to that page and find that there is a link that has a specific chain in the address, like the linked article shows. You Google it and find all of that brand, or model that people have sitting unprotected on the LAN.
From that people can Google the default admin account and do whatever they want with the device assuming you have not changed those credentials.
Even buying a printer that requires authentication to print isn't securing it, if you need to share a printer to remote locations you need to use a VPN or use an service like Google cloud print. But Cloudprint will only print from Chrome, so whatever you print would require it to be opened in Chrome, and would need to be logged into with the same Gmail account at all locations.
Please be sure to select "
Accept Solution" and or select the thumbs up icon to enter
Kudos for posts that resolve your issues. Your feedback counts!
Joe Arseneau
