HP JetAdvantage Security Manager 10 Device E-LTU Instrukcja Użytkownika Pobierz pdf (Strona 72)

practices can protect from outside intrusion. Although not part of the HP Best Practices policy

template, it is always recommended to disable unnecessary protocols.

Web-Services Discovery (WS-Discovery)

Web services discovery (WS-Discovery) defines a multicast protocol that is used to discover network

devices on a local network, typically in Windows Vista or later environments. You can safely disable

this item if Windows Vista or later are not used.

Web Services Discovery (WS-Discovery) is a multicast dynamic discovery protocol capable of

locating Web Services in unmanaged or managed networks. WS-Discovery is transport independent

and may be used over http, udp, and other transports. The most common transport implementation is

SOAP (Simple Object Access Protocol) over UDP (User Datagram Protocol). DPWS (Devices Profile

for Web Services) is a profile that enables plug-and-play for networked devices. A PC or other device

can detect Web Services enabled devices on a network, then discover and invoke the Web Service

functionality each device provides. The DPWS objective are similar to those of Universal Plug and

Play (UPnP), but are fully aligned with Web Services technology and includes extensibility to transition

from local to enterprise-wide environments.

When a capable, enabled HP printer joins the network, it sends a Hello announcement message to

the multicast group. This Hello message contains general information about the HP device. After

receiving notification of the HP device’s services through the Hello message, a client will then send a

specific Probe request. To preserve network bandwidth, the HP device will respond with a Probe

Match Response that contains the necessary device information (similar to the information found in an

SLP packet) to avoid the need for additional Probe requests. WS-Discovery uses multicast address

239.255.255.250 and IANA registered port 3702 for IPv4 networks. Multicast address FF05::C

(site-local scope), instead of FF02::C (link-local scope), is used for IPv6. There are 4 defined WS-

Discovery packets generated by HP Jetdirect; Hello, Bye, Probe Match Response and Resolve Match

Response. Hello is the announcement of network arrival and Bye is the departure. Probe Match

Response is a reply to a Probe Match by specific service type and Resolve Match Response is a reply

to more of a general request for service location. HP Printer installers utilize WS-Discovery quick

installation and HP Web Jetadmin can be configured to passively discover WS-Discovery capable HP

printers.

The most common security exploit scenario requires the attacker to know the target’s unique WSD

address, a value that is automatically sent in the UDP broadcast to port 3702. However, this would

require the hacker to have access to the same subnet. If on the same subnet, a device could be

exploited via the Web Services Discovery API. It is recommended to disable WS-Discovery, if not

needed for network plug and play.

WS-Print/WS-Discovery being disabled blocks Windows Phone Print, along with the V4 UPD.

1 2 ... 67 68 69 70 71 72 73 74 75 76 77 ... 115 116

Brak uwag

HP JetAdvantage Security Manager 10 Device E-LTU Instrukcja Użytkownika Strona 72