Books for you

As noted previously, CUPS uses the Internet Printing Protocol to
connect to printers. Network printers can thus communicate with CUPS clients via port
631. If configured properly, the network printer can send out broadcast packets when it is
available for printing jobs. In the YaST Printer Configuration dialog box (refer to Figure
7.1), you can set your computer to Listen to Remote CUPS Servers to Get Comfortable
Access to Remote Queues.
The problem with this method is that you risk the possibility that an attacker sends IPP
broadcasts to your computer announcing available print queues, and you accidentally
print to a counterfeit queue. You may believe the job is sent to a local server, whereas in
reality it is sent to the attacker??™s server.
To use this method, port 631/UDP must be open for incoming packets from the network,
but not from outside your network or the Internet. The way to solve this problem is to
configure the SUSE Firewall appropriately. This means enabling listening only via the
Internal Network interface, not the External (Internet) interface.


Pages:
307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331