Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Efficiently exploit printers in Windows Server 2003 (Part 3)
Efficiently exploit printers in Windows Server 2003 (Part 1)
Efficiently exploit printers in Windows Server 2003 (Part 2)
In the previous article of this series, I have shown you the most effective way to manage a network printer is to create print queues on one of the network servers and force all print jobs to be Go through that queue. In the second part of this series, we have introduced some basic techniques for print string protection that you created in Part 1. In this article, I will show you how to verify the use of a network printer.
Why check the printing on the network?
There are several possible reasons why it is necessary to authenticate using a network printer. As we explained in the first part of this series, evaluating printers is a must for your company to test them. You must know who is printing and whether the person is entitled to printing.
A simple example of verification involves managing printer supplies such as ink and paper. We have studied in many companies, where printers are tested so that separate rooms are responsible for providing what they use. Since then, there have been cases in which high-density photo printers are validated for unauthorized use because the supplies are very expensive.
Verify a network printer
We talked a little bit about why to authenticate the network printer, now let's move on to the process of verifying it. If you have ever looked at the server's security logs, you may notice that the printer authentication cannot be performed by default. To enable printer authentication, select the Printers and Faxes command from Start. After you are done, you will see the Printers and Faxes window. Right-click the printer you want to verify, select the Properties command from the right-click menu. The printer properties sheet will appear after you execute the command.
In this section, you must select the Security tab and then click the Advanced button. When you do, Windows will display the properties page of the Advanced Security Settings. Select the Auditing tab, you will see that it is completely empty as shown in Figure A.
Figure A: Printer authentication is disabled by default
How to set up the printer authentication, the authentication focuses on users and groups rather than focusing on the printer itself. That means you can't ask Windows to create an audit log input any time someone sends a print job to the printer (at least not directly). Instead, Windows will ask for the name of the user or group you want to authenticate. If your purpose is to verify any use of the printer, you can verify the Everyone group.
Keep in mind, click the Add button, you will see a screen asking you to enter the name of the user and the group you want to authenticate, as shown in Figure B. After entering the name of the user and group, we We recommend clicking on the Check Names button. Doing so will ensure that you spell the appropriate names and that the name is valid, the authentication will not perform if you are authenticating a user or group does not exist.
Figure B: Windows requires entering the user name and the groups you want to authenticate
Click OK and you will see an Auditing Entry dialog box, as shown in Figure C. As you can see in the figure, this dialog box allows you to verify both the success and failure of the various printer-related events. To enable authentication, all you need to do is select the events you want to audit and click OK. Before doing that, you have to understand the meaning of these different events.
Figure C: The dialog box allows you to control the events you want to audit
In the section below, we will describe what the event you can assess means. As I have done, you should remember that my descriptions acknowledge that you are appraising the success of a particular event. Verifying the failure of events means simply that someone attempting to perform the action will result in a normal event if the user has valid permissions. For example, performing a successful audit on the Print event will create a security log each time someone performs print jobs on the printer. A failure of such an event will create a record any time someone tries to print on the printer, but cannot because they lack the necessary permissions. Remember those things, here are the different facts and their meanings:
• Print - The currently authenticated user has sent a print command to the printer
• Manage Printers - Users change the properties or permissions of the printer
• Manage Documents - Users have stopped, restarted, restarted or deleted a print job.
• Read Permissions - User reads the printer's security permissions
• Change Permissions - Users change the security permissions of the printer
• Take Ownership - Users gain ownership of the printer
What must you evaluate?
With all the authentication settings available, you might be wondering what to evaluate. That really depends on the nature of the printer and how secure you need it. If the printer is used for printing checks, you should perform both success and failure assessments for each event. On the other hand, if the printer is a common-use general-purpose printer, you do not have to perform the above successful authentication for the Print event. If you have done so, the event log will increase in size quickly and cannot be managed because the new record will be created each time someone sends a print job to the printer.
I think the vast majority of printers in the average organization may not need to be verified. However, if a printer is used for a variety of financial purposes (such as print checks), or consumes expensive supplies, you may need to verify this printer. In many situations, we recommend that you verify the two success and failure events related to Manage Printer and Change Permission. We also recommend using the Print event validation failure.
Conclude
In this article, we have shown you that it is easy to miss printers when developing network security plans because printers are so often so trivial that they are rarely secured. The phenomenon of bypassing the printer can cause financial waste for the company. Therefore, we recommend configuring sensitive printers using a centralized print queue managed by a Windows server. After all, you can easily perform security for the printer and verify its use or those trying to use it (unauthorized).
Isabella HumphreyYou should read it
- Select printer for small office
- Why the printer cannot print and how to fix it
- How to Print from iPhone
- How to print documents directly from a smartphone or tablet
- Brother printer error Print unable 0B - Causes and ways to fix Print unable 0B error
- Inkjet (inkjet) and laser printers: Which type is right for you?
- 8 best AirPrint printers in 2021
- Instructions on how to check and install the IP address for the printer
May be interested
- Top 10 security improvements in Windows Server 2019
this new version of windows server provides some significant security updates compared to the windows server 2016 version, including ransomware monitoring tools and other malware. - Configure Windows Server 2008 to remotely access SSL VPN Server (Part 3)in the previous two articles of this series on how to create an ssl vpn server on windows server 2008, we introduced the basics of vpn connection issues, then went into the configuration of the server. . in this process,
- Test SQL Server with Windows PowerShell - Part 6part 6 will show you how to check all existing databases in the sql server instance and query the database properties.
- Installing, configuring, and testing Exchange 2007 CCR on Mailbox Server (Part 2)in part 1 of this series, i talked about installing the windows 2003 cluster. the second part of this series will install the required windows components by exchange server 2007 as well as configure majority node set (mns) quorum with file share witness. finally, the activation and configuration of transmission on the hu server
- 10 tips with PowerShell in Windows Server 2008 - Part 2in the previous article, i have shown you some of the basic functions and tricks that can be done with powershell in windows server 2008. and this time, we will continue with part 2, which is also the end. in powershell series in windows server environment ...
- Microsoft Windows PowerShell and SQL Server 2005 SMO - Part 9in part 9 of this series, i will show you how to use powershell in conjunction with smo to create a sql server script. creating sql server scripts is an important task for administrators and sql server database development professionals.
- Web7: XSS Exploits – Part 1: Reflected XSSin this article, tipsmake.com will learn with you about the reflected xss exploit.
- How to install 2 printers on a Windows computeryou can set up multiple options for installing on the same printer in windows. it is understandable that you will have many virtual printers, in which each printer can have its own custom settings.
- Microsoft Windows PowerShell and SQL Server 2005 SMO - Part 7each part of this series demonstrates how to use powershell in conjunction with smo to present sql server objects. part 7 of this series will demonstrate how to use powershell and smo to find all available objects in a database on the server.
- Learn about Windows Server 2012 (Part 3)on windows server 2012, you can install a role or feature on a virtual hard disk that contains the inactive windows server installation.
LAN - WAN
- Managing Windows networks using scripts - Part 3: Understanding WMI
- Wireless LAN technologies and Microsoft Windows
- Configure ISA Server 2006 HTTP Filter
- WiMax gigabit speed creates 4th generation mobile network
- Create a Site-to-site VPN on ISA 2006 (Part 1)
- Create a Site-to-site VPN on ISA 2006 (Part 2)
Managing Windows networks using scripts - Part 3: Understanding WMI
Wireless LAN technologies and Microsoft Windows
Configure ISA Server 2006 HTTP Filter
WiMax gigabit speed creates 4th generation mobile network
Create a Site-to-site VPN on ISA 2006 (Part 1)
Create a Site-to-site VPN on ISA 2006 (Part 2)