Technical information
Network Security White Paper ver. G.1.2
Page 21 of 72
Theft of Print Data
Using RSH/RCP, print/scan data is sent as clear text. If intercepted by a third party it is easily read.
1-9-3 Recommended Precautions
To maintain a strict security policy, the RSH/RCP service can be disabled and the port for this service
can be completely closed using Web Image Monitor or the mshell.
NOTE: This will prevent users from TWAIN scanning.
We recommend using SFTP instead of RSH/RCP whenever possible.
1-10LPD
1-10-1 Function Overview
The LPD service is compliant with RFC 1179 and uses TCP port 515 for connections with an RFC 1179
compliant client. The following functions are provided by this service:
Printing a job from LPR clients
Monitoring the status of the printer and print queues from LPR clients.
Deleting print jobs from the print queue by LPR clients.
Potential threats and recommended precaution
1-10-2 Potential Threats and Recommended Precautions
Possibility of Acting as a Server for Relaying Viruses
The LPD service treats all received data as print jobs. An executable file will print as garbage data.
Possibility of Successful DOS (Denial of Service) Attacks
The RICOH network device can detect a high frequency of logins and delay responses to that user’s
login requests. The device will also send an e-mail to the administrator. The device will create a log and
a message showing that the device is currently under attack will be displayed in Web Image Monitor.
Theft of Username and Password
Interception of network packets: LPD does not have an authentication function; however, print data may
contain authentication information. This information can be encrypted by the printer driver. Please refer
to the user manual and driver help sections for more information about this method.
Theft of Print Data
Interception of network packets: Using LPR, print data is sent as clear text, if intercepted by a third party
it is easily read.