Whitepaper
HP Jetdirect
|
|
............................................................................................................................................... |
1 |
HP Jetdirect .............................................................................................................................. |
2 |
HP Jetdirect ....................................................................................................................... |
3 |
HP Jetdirect ......................................................................................................... |
4 |
............................................................................................................................................... |
5 |
HP Jetdirect ....................................................................................................................... |
6 |
HP Jetdirect TCP 9100.............................................................................................. |
7 |
HP Jetdirect SNMP .................................................................................. |
8 |
HP Jetdirect ....................................................................................................... |
8 |
HP Jetdirect ...................................................................................... |
9 |
HP Jetdirect /MFP ........................................................................................... |
9 |
1 ............................................................................................................... |
10 |
2 ............................................................................................................... |
11 |
3 ............................................................................................................... |
17 |
4 ............................................................................................................... |
26 |
...................................................................................................................................... |
31 |
Internet HP Jetdirect HP
HP HP Jetdirect
HP (http://www.hp.com/go/secureprinting)
HP JetdirectHP Jetdirect SSL/TLS SNMPv3 802.1X IPsec
1
“ ”IP
HP Jetdirect “ ”“ ” “ ” HP Jetdirect
HP Jetdirect
地的打印机通过网络连接在一起。这些后台处理程序随后通过LPD
HP LaserJetHP Jetdirect
HP Jetdirect Jetdirect HPJetadmin HP Jetdirect
HP JetdirectAppleTalk DLC/LLC IPX/SPX TCP/IPFDDI LocalTalk ATM
HP Jetdirect “
” HP Jetdirect “ ”
PC
TCP/IP “ ”“ ”
2
HP Jetdirect
PC |
Centronics |
IEEE 1284.4 |
|
HP |
HP |
Jetdirect 1 – |
1 – |
1 HP Jetdirect |
/MFP HP Jetdirect |
HP Jetdirect |
Internet HP Jetdirect PJL |
HP Jetdirect PJL |
HP Jetdirect |
|
3
HP Jetdirect
适用于打印机和HP Jetdirect HP Jetdirect HP Download Manager http://www.hp.com/go/dlm_swHP Jetdirect HP Web Jetadmin http://www.hp.com/go/webjetadminHP Jetdirect HPHP Jetdirect 1 – HP Jetdirect
|
|
|
|
|
|
|
|
|
|||
|
Microsoft Windows for Workgroups 3.11 |
1994 |
2 |
||
|
HP Jetdirect J2550A J2552A MIO |
1994 |
5 |
||
|
Microsoft Windows 95 |
1995 |
8 |
||
|
HP Jetdirect J2550B J2552B MIO |
1996 |
11 |
||
|
HP Jetdirect J3110A J3111A EIO |
1997 |
10 |
||
|
HP Jetdirect J3263A 300X |
1998 |
1 |
||
|
HP Jetdirect J3113A 600n EIO |
1998 |
1 |
||
|
Microsoft Windows 98 |
1998 |
6 |
||
|
HP Jetdirect J3258A 170x |
1998 |
9 |
||
|
Microsoft Windows 2000 Professional |
2000 |
2 |
||
|
HP Jetdirect J4169A 610n EIO |
2000 |
10 |
||
|
Microsoft Windows XP |
2001 |
10 |
||
|
HP Jetdirect J6057A 615n EIO |
2002 |
4 |
||
|
Microsoft Windows 2003 Server |
2003 |
4 |
||
|
HP Jetdirect J7934A 620n EIO |
2004 |
4 |
||
|
HP Jetdirect J7961A 635n EIO |
2005 |
10 |
1 – HP Jetdirect
1 Jetdirect 1994 HP JetdirectMicrosoft WindowsMicrosoft Windows for Workgroups 3.11 Microsoft Windows 95
HP Jetdirect
2007 8 Microsoft Windows XP SP2 Microsoft Windows 2003 SP2 Microsoft
90Microsoft Windows 95Microsoft Windows Advanced Server 3.51
4
HP Jetdirect HPHP Jetdirect 2000 HP2 – HP Jetdirect 2007 8
HP Jetdirect
J3258G 170x
J6035G 175x USB 1.1
J3263G 300x
J7983G 510X
J7942G en3700 USB 2.0
J7934G 620n EIO 10/100
J7949E Jetdirect 10/100/MFP
J7982E Jetdirect 10/100/MFP
J7997G 630n EIO 10/100/1000
J7961G 635n EIO 10/100/1000 IPv6/IPsec
SSL/TLS SNMPv3 802.1X PEAP
SSL/TLS SNMPv3 802.1X PEAP
V.33.14
SSL/TLS SNMPv3 802.1X PEAP
SSL/TLS SNMPv3 802.1X PEAP 802.1X EAP-TLS
SSL/TLS SNMPv3 802.1X PEAP 802.1X EAP-TLS
IPsec/ SSL/TLS SNMPv3 802.1X PEAP 802.1X EAP-TLS
2 – HP Jetdirect
3 – HP Jetdirect HP HP Jetdirect
HP Jetdirect
J4100A 400n 10/100 MIO
J4106A 400n 10Mbps MIO
J3110A 600n 10Mbps EIO
J3111A 600n 10Mbps EIO
J3113A 600n 10/100 EIO
J4169A 610n 10/100 EIO
J6057A 615n 10/100 EIO
用于管理的SSL/TLS SNMPv3SSL/TLS SNMPv3
3 - HP Jetdirect
400n MIO
300X Jetdirect MIOLaserJet IIIsi LaserJet 4si EIO MFP HP LaserJet 4000
EIO 10 EIO J7961G 635n IPv6/IPsec HP LaserJet 4000 HP Jetdirect
EIO635n /MFP
5
HP Jetdirect
HP JetdirectHP Jetdirect HP Jetdirect
•1 170x 300x 500x 510x 400n 600n
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj05999
•2 610n 615n 620n 625n en3700 Jetdirect (J7949E) 2
1 EWS
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj07576
•3 630n Jetdirect J7982E J7987E J7991E J7992E 32IPv4/IPv6 /
•4 635n CM8000 Color MFP (J7974E) HP Jetdirect
“ ” “”
•HP Jetdirect HP Download Manager http://www.hp.com/go/dlm_sw Internet HP Download Manager HP
•Web (EWS)
•SNMPv1/v2c
•IPX/SPX AppleTalk
•4 2007 8 HP Jetdirect
|
HP Jetdirect |
|
|
|
J7949E Jetdirect |
V.33.14/V.33.15 |
|
|
J4100A 400n 10Mbps MIO |
K.08.49 |
|
|
J4106A 400n 10Mbps MIO |
K.08.49 |
|
|
J3110A 600n 10Mbps EIO |
G.08.49 |
|
|
J3111A 600n 10Mbps EIO |
G.08.49 |
|
|
J3113A 600n 10/100 EIO |
G.08.49 |
|
|
J4169A 610n 10/100 EIO |
L.25.57 |
|
|
J6057A 615n 10/100 EIO |
R.25.57 |
|
|
J3263A/J3263G 300x |
H.08.60 |
|
|
J3265A 500X |
J.08.60 |
|
|
J7983G 510X |
J.08.60 |
|
|
J7942A/J7942G en3700 USB 2.0 |
V.28.22 |
|
|
J7934A/J7934G 620n EIO 10/100 |
V.29.20 |
|
|
J7960A/J7960G 625n EIO 10/100/1000 |
V.29.29 |
|
|
J7961A/J7961G 635n EIO 10/100/1000 IPv6/IPsec |
V.36.11 |
4 – Jetdirect
6
Jetdirect /MFP JDI
HP Jetdirect
HP Jetdirect TCP 9100
TCP 9100 TCP9100 HP Jetdirect TCP
TCP9100 TCP/IP
TCP 9100 PJL PJLHP Jetdirect TCP/IP
PJL PCPJL
TCP 9100 HP JetdirectTCP 9100 TCP 51 > 1
HP Jetdirect
10
1) 1/2/3/4
0.0.0.0 HP Jetdirect
TCP2) 1/2/3/4 IP
3) 3
4) 4 IPsec
1) 1/2/3/4
255.255.255.255 IP
2) 3
3) 4 IPsec
1) 1/2/3/4
ID HPIP - 15.0.0.0 - 255.0.0.0 IP -16.0.0.0 - 255.0.0.0
2) 3
3) 4 IPsec
5 –
7
TCP
HP Jetdirect TCP/IP
IP (MITM) TCP/IPSSL/TLSSSL/TLS SSL/TLS MITM
PKI
TCP 9100
HP (UPD) HP Web Jetadmin “”
HP Jetdirect SNMP
HP Jetdirect SNMP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00004828
HP Jetdirect HP
Web JetadminHP Jetdirect
SSL/TLS 2/3/4 SSL/TLSHTTP EWS SSL/TLSHP Jetdirect CA MITMSNMPv3 HP Web Jetadmin SNMPv3 2 3 4 HP Jetdirect SNMPv3
HP Jetdirect
HP Jetdirect http://www.hp.com/go/webjetadmin_firmware
HP Jetdirect HP JetdirectHP
HP Jetdirect
•HP Download Manager / HP Web Jetadmin
•FTP
•Web
8
HP Download Manager HP Web Jetadmin HP Jetdirect SNMP
TFTP MIB HP Jetdirect TFTP SNMP
SNMPTFTP MIB SNMPv3 HP Web JetadminSNMPv3 Hewlett-Packard HP Download Manager HP Web
Jetadmin
FTP HP Jetdirect http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj07129
FTPFTP telnet
FTP
EWS HP Jetdirect http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpj07572 EWS
HP Jetdirect EWS HP HTTP HTTPS
HP Jetdirect
TCP/IP MITMTCP/IP MITMIP IP MITMMITM
MITM PDFAdobe Acrobat Reader MITM FTP FTP
MITM“ ” PostScript
只不过是常规TCP/IP
式工作。这种主动/ 802.1XARPARP MITM
TCP/IP MITM HP Jetdirect IPsec SSL/TLS HP IPsec 4 TCP/IP
HP Jetdirect /MFP
HP Jetdirect/MFP PJL HP JetdirectHP Jetdirect PJL PJL
/MFP /MFP
HP NIST http://www.hp.com/united-states/business/catalog/nist_checklist.html
9
1
1 HP Jetdirect BOOTP/TFTP
TFTP BOOTP/TFTP UNIX LinuxWindows BOOTP TFTP UNIX
picasso:\
:hn:\
:ht=ether:\
:vm=rfc1048:\
:ha=0001E6123456:\
:ip=192.168.40.39:\
:sm=255.255.255.0:\
:gw=192.168.40.1:\
:lg=192.168.40.3:\
:T144="hpnp/picasso.cfg":\ :T151=”BOOTP-ONLY”:
•192.168.40.3
•TFTP picasso.cfg TFTP “hpnp”
•HP Jetdirect BOOTP BOOTP DHCP
TFTP picasso.cfg
#Allow subnet 192.168.40.0 access allow: 192.168.40.0 255.255.255.0
#Disable Telnet
telnet-config: 0
#
#Disable the embedded Web server ews-config: 0
#disable unused protocols
ipx/spx: 0 dlc/llc: 0 ethertalk:0
#
#Set a password passwd:Security4Me3
#Disable SNMP
#use with caution – breaks SNMP management tools snmp-config:0
#if SNMP must be enabled, comment out the “snmp-config” command and
#uncomment out the following:
#set-community-name:Security4Me3
#get-community-name:notpublic
#default-get-community: 0
#
# parameter file parm-file:hpnp/pjlprotection
#
10