HP Laserjet P3005dn Random Printing

Toggle sidebar Toggle sidebar
L

LEDominator

Senior member
May 31, 2006
388
0
76
Hello all,

The university lab group I work in has recently had its HP printer randomly start printing a sheet of paper with the following text on it:

GET http://www.163.com/ HTTP/1.1
Host: www.163.com
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)
Click to expand...

I am guessing that either the printer has been hacked or a computer on the network has and is sending this to the printer. If anyone could explain this and/or help fix it that would be greatly appreciated!

Thanks!

-LED
 
Z

ZeroRift

Member
Apr 13, 2005
195
6
81
It is possible that someone is poking around the school network with an HTTP probe directed at port 9100, but without more information, there's no way to know for sure. A more likely conclusion is that some device / computer on the network is misconfigured. If the printer is set up to accept web printing (port 80 specifically), it's possible someone is simply browsing to it accidentally.

I didn't visit www.163.com since I'm at work, but maybe there's more information to be had there?

Things that might get you more information:

Printer Job Logs - On beefier printers, these usually contain originating IP/User

Packet Captures - If you have appropriate network access, you could simply monitor traffic to/from the device, though that does require expertise to interpret....

IP Address of the Printer - If the IP of the printer starts with "163" it is very likely someone is browsing to an internal site via IP address and occasionally hits "enter" on the number pad instead of "." This, of course, depends on the printer being configured to accept raw printing on port 80. (this would be odd, but possible)
 
L

LEDominator

Senior member
May 31, 2006
388
0
76
Thanks for the response!

Unfortunately I don't have access to the network to monitor traffic but I can access the printer. However, your advice about the web printing was spot on. I was able to log on to the printer and change the settings there to disable web printing as well as a few other protocols and pass worded the hell out of it (you would think the IT people who set it up for our research group would have done this but no). So far the random printing has stopped so thank you for the tip!

-LED
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom