HP Printers and port 80 worms

Douglas P. Brown dugbrown at email.unc.edu
Mon Aug 6 19:27:07 GMT 2001

Thanks to all who wrote to me and responded to the list - here is what
I've gathered:

For you brave souls who are willing to try a firmware upgrade:


in some cases you may want (or need) to do this upgrade with a laptop
and a crossover cable.  To make sure the firmware loader can see the
printer on the crossover cable telnet to it first, then run the loader.

after upgrade, then -
Telnet to printer

type: ews-config: 0 
and this will disable port 80... and from what we have seen stop the
memory dumps from Code Red, etc.

Hope this helps,
Douglas P. Brown
University of North Carolina
ATN Security Analyst
105 Abernethy Hall

More information about the unisog mailing list