STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

Print services for a MFD or printer are not restricted to Port 9100 and/or LPD (Port 515). Where both Windows and non-Windows clients need services from the same device, both Port 9100 and LPD can be enabled simultaneously.

DISA Rule

SV-7015r1_rule

Vulnerability Number

V-6790

Group Title

Print Services Restricted to Port 9100 and/or LPD

Rule Version

MFD03.001

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Develop a plan to coordinate the reconfiguration of the printer servers and clients so that print services runs only on authorized ports. Obtain CM approval of the plan and implement the plan.

Check Contents

The reviewer will, with the assistance of the SA, verify that the MFD or printer print services are restricted to LPD or port 9100.

Where both Windows and non-Windows clients need services from the same device, both Port 9100 and LPD can be enabled simultaneously.

Vulnerability Number

V-6790

Documentable

False

Rule Version

MFD03.001

Severity Override Guidance

The reviewer will, with the assistance of the SA, verify that the MFD or printer print services are restricted to LPD or port 9100.

Where both Windows and non-Windows clients need services from the same device, both Port 9100 and LPD can be enabled simultaneously.

Check Content Reference

M

Potential Impact

Print clients configured to use the unauthorized port(s) will not be able to print until they are reconfigured to use the correct port.

Responsibility

System Administrator

Target Key

551

Comments