Is it safe?
November 13, 2012 9:45 AM   Subscribe

Yesterday I added a network print server device to my home network. How can I know that it is secure? Can I firewall it to prevent it from sending anything out to the internet? A few more details inside.

I bought this no-brand print server device and hooked it up yesterday. It's working fine. I have no particular reason to distrust it, but OTOH, I'm not sure I should blindly trust it either. I think it can see all the activity on my home network if it chose to do so (router experts can correct me here if I'm wrong). If so, it could be potentially be harvesting passwords or cookies, etc. and sending them out somewhere on the internet.

I'm on a DSL connection and have a fairly crappy old westell modem/router with a custom UI added by my ISP. I don't think the modem has detailed controls that would allow me to firewall off this device from the internet. If it was doing something evil, it could probably forge packets anyway that would get past the firewall.

This is all most likely just excess paranoia and it's probably fine. But are there any steps I could take to be sure? Perhaps in the future I should think twice about buying no-name IP devices. Thanks in advance.
posted by DarkForest to Computers & Internet (5 answers total) 1 user marked this as a favorite
To see passwords you need to be logging in to an insecure site, if you're logging in via https, it will only see encrypted traffic.

If it was truly something evil, then you can't do much to stop it. But if you're so paranoid, why is it even on your network? You could set up seperate vlans and segregate it from the rest of the network, but then you will need to upgrade your network hardware.

Also, you could set up a packet sniffer or transparent proxy between it and the internet, and monitor the traffic coming from the device.
posted by defcom1 at 10:00 AM on November 13, 2012

There's a greater than 99% probability that your print server is not spying on you.

However, you have a few options. You can monitor its network usage with a packet sniffer like Wireshark. The second thing is to buy a smart switch that lets you make sure no internet-bound traffic from your computer flows past the printer server.

But—really—there's probably nothing to worry about.
posted by paulg at 10:04 AM on November 13, 2012

Thanks for your answers. I agree that is is almost certainly fine. I was a little disturbed when I looked at it and found that there is not a single bit of branding on the device or in its manual, which got me wondering about security. But don't worry, I'm not sweating bullets about it. I was just wondering if there was some step I could take that I had not thought of.
posted by DarkForest at 10:16 AM on November 13, 2012

Is this device connected to an ethernet switch? Switches intelligently direct traffic based on where it's going/coming from and severely limit the extent to which traffic can be "seen", i.e. the print server, by virtue of it just being connected to your LAN, doesn't automatically get to see all the traffic traveling across your LAN. It's not like the days of ethernet hubs when the entire network was effectively a party line that anyone could listen in on.

That being said, to further segregate your LAN, you could set up a Virtual LAN with a different IP subnet to completely partition off untrusted devices. I've done this with OpenWRT and a cast off Linksys WRT54g. I have two VLANs each with a different IP subnet and a few firewall rules to govern how traffic can pass from one part of the network to the other.
posted by RonButNotStupid at 10:26 AM on November 13, 2012

You're right. I was thinking of it more like a hub than a switch. I can check to see if traffic is not being sent on all links. If not, then there's no problem. Thanks!
posted by DarkForest at 11:03 AM on November 13, 2012

« Older How can I make excel break multiple rows into new...   |   US bank recommendation for Canadians recently... Newer »
This thread is closed to new comments.