Manualshelf

Technical information

ManualsBrandsAficio ManualsComputer equipmentMLP150DN
12345678910
Network Security White Paper ver. G.1.2
Page 10 of 72
We also recommend using the Access Control function for added security. Access Control is a list of
“safe” client host addresses. Once Access Control is setup for specific IP addresses, the products will
receive print or scan requests from the specified hosts only. Access Control can be applied to LPR
printing, RSH/RCP access, Bonjour access, HTTP/HTTPS access, FTP printing, TCP raw printing
(DIPRINT), SMB printing, IPP printing, scanning from DeskTopBinder. Access Control can also be used
for WSD-printing, IPDS printing, and RHPP printing. For information on how to set up Access Control,
please refer to the Appendix section entitled “Access Control”
.
In the following sections, the potential threats and recommended precautions are given for each service.
For added security, the recommended precautions should be accompanied by a firewall and Access
Control.
1-2 TELNET
1-2-1 Function Overview:
The TELNET service provides a virtual terminal service in order to use the maintenance shell (mshell). It
is compliant with RFC 854. The mshell uses TCP port 23 and provides a dedicated command interface
for the following functions:
Configuring network settings of the products from remote terminals
Monitoring device status and settings from remote terminals
Getting system logs from remote terminals
Unlike shell services for UNIX/Linux, the mshell provides a command interface for configuration
purposes only. Access to the file system or kernel, or modifying system files inside the products is very
unlikely.
1-2-2 Potential Threats
Destruction, corruption and modification of the file system and kernel.
The possibility of destruction, corruption or modification of the file system is very low.
The mshell only permits write-access to a subset of device settings.
1-2-3 Possibility of Acting as a Server for Relaying Viruses
This is not an issue. Neither the local file system nor a remote host can be accessed via the mshell.
1-2-4 Theft of Username and Password
The username and password used for telnet is the same as those used for Web Image Monitor.