• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 70
  • Last Modified:

SNMP vulnerability scan

SNMP writable communities  shows up on my vulnerability scan.

I  am being told to disable it

How will disabling it affect printing
When is it needed?
Does it matter if the printer has a hard drive?
0
syarmush
Asked:
syarmush
  • 7
  • 3
  • 3
  • +2
1 Solution
 
MichelangeloConsultantCommented:
You should be ok disabling it. no relations whatsoever.
0
 
syarmushAuthor Commented:
https://community.spiceworks.com/topic/483706-disable-snmp-on-printers-causes-headache-with-windows-7-ugh


Please look at the above link

I tried doing this to the company copier scanner and I had to reinstall all the users who have access  to the copier scanner

 I have 10  printers with this vulnerability at the moment.

Any suggestions how I can make this painless
0
 
hdhondtCommented:
Certainly the printer disk will not be affected.

Make sure you disable SNMP Status for the printer under Printer Properties > Ports > Configure Port. If using a server, this must be done on the server. If SNMP is enabled, the driver will try to check printer status, and will fail when SNMP is disabled.

Note that, disabling SNMP will also prevent print management software from checking printer status. You may not use any, but if something like WebJetAdmin stops working, this is why.
0
Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

 
LucFEMEA Server EngineerCommented:
Can't you just change the community string?
Make sure to change it on the printer and "print management" and you should be good.
An SNMP string being "Public" or "Private" is indeed asking for problems.
0
 
syarmushAuthor Commented:
we have copier\ printers that a 3rd party  sends us toner when needed. If I change this I assume by the comments above this will be broken?
0
 
LucFEMEA Server EngineerCommented:
No, it won't.
The printer will use the driver on the printserver. This is used by some software to query the toner level.
How the driver and printer communicate and with what SNMP community name doesn't matter. Just make sure you change it on both ends. (Printer and printserver)
0
 
syarmushAuthor Commented:
from what I am reading to make this easy I  should set up all the  printers on a print server so that I only have to make the changes one time

I am unsure if the copier company will bulk  if they cannot get toner reports
0
 
LucFEMEA Server EngineerCommented:
You're not comparing apples with apples :)
This is completely separated.
Worst case scenario you'll have to adjust the SNMP string in the company's software too.
1
 
hdhondtCommented:
we have copier\ printers that a 3rd party  sends us toner when needed
Some printers are able to send an email requesting attention. In that case SNMP is not involved. If the 3rd party has print management software installed then, yes it will be affected. Check with them to see how they do it.

Re installing on a server. For a large organisation a server is always the easier method. For a small company, I prefer to have each user connect directly to the printer. In your case, if you are not using a server then every user needs to make sure SNMP is not ticked. But in your case, moving to a server will not make life easier. With the direct connection users will have to change a driver setting; with a server, users will have to install a new printer.

Start by checking whether SNMP Status is currently enabled. If it isn't, then you only have to worry about the toner supplier.
0
 
syarmushAuthor Commented:
I cannot depend on users changing settings- it will not happen-If I load the printers on a print server I can control that

Any other suggestions without involving users doing something
0
 
arnoldCommented:
The SNMP config on printers is the means by which when configured the printer status is determined, I.e. If the poll of the SNMP response is received, the printer is seen online, if it is not, the printer is marked offline.
Public is a read only community.
If the printer prints sensitive information, the default scheme should be to use encrypted harddrive.

It is a tool that gets installed on a system that monitors the printer status using SNMP to poll the toner reference.
The scan scans what you tell, identifying the impact/vulnerability of the report.
I.e. You ask sone one who identifies Window (structure) to review your office space for vulnerabilities, the report cones back with a list of external Windows as well as a few electrical room door windows, custodian office door window included as a possible vilnerability.
...
0
 
syarmushAuthor Commented:
I have 10 printers with this vulnerability

SNMP writable communities  

 what would be the easiest way to fix

I am not going to worry about toner reporting back for the copiers
I cannot ask users to check boxes- it will have to be done by me
]https://community.spiceworks.com/topic/483706-disable-snmp-on-printers-causes-headache-with-windows-7-ugh[/b][/b][/b]

if you read the article above you can see how this could break the print jobs
0
 
arnoldCommented:
Login into the administrTve interface if the printer, and disable the writeable community, or alter the default community name to sonething unique.
0
 
syarmushAuthor Commented:
its not that easy
 if you read the article I posted above you will see what could happen

I made these changes for one printer and it broke the printer for all users who had it installed on their PC
I had to reinstall after the changes were made

this is why I said its better to install printers on a print server. You can make the change one time

I cannot count on users to make the change on their PC
0
 
arnoldCommented:
I said disable the writeable community, not disable SNMP completely.

what does the scan say which wirteable community in SNMP does it report?

Depending on your environment, i.e. AD centrally managed, you should have a server/servers set as print servers who have the printer installed locally and shared/pushed to the clients using GPOs/GPPs.

I've not seen printers that come with SNMP writeable community enabled.
Since you mentioned that your Printer provider includes the option to automatically order supply, have a talk with them on whether or why they have a writeable community defined for SNMP.

Look through your printer's SNMP settings and make sure what you have, public is set to read-only
0
 
syarmushAuthor Commented:
thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 7
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now