Disabling TLS 1.0 and SSL 3.0 on a MP C4502

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • MitchD
    Trusted Tech

    100+ Posts
    • Oct 2012
    • 164
    #1

    Disabling TLS 1.0 and SSL 3.0 on a MP C4502

    ricoh 4502 security settings.jpgricoh 4502 SSL TLS screen.jpgricoh 4502 Nexpose Security Console __ Asset Summary.pdfcopier tls vuln.jpgcopier ssl vuln.jpg

    Any ideas? Looks like he has everything unchecked correctly.

    Thanks
    "Heavy music to the normal ear is nothing but a loud annoyance. Most people think of it as obnoxious, talentless music but to someone who really listens and is really in love with music knows how beautiful and amazing it can be" Tommy Rogers of Between The Buried and Me"
    Tags: c4502, flagged, i’m, ssl, tls
    • slimslob
      Retired

      Site Contributor
      25,000+ Posts
      • May 2013
      • 35064
      #2
      Re: Disabling TLS 1.0 and SSL 3.0 on a MP C4502

      I am seeing one major discrepancy on the Nexpose Security Console report. It is referring to the name as lanierld525c.mjmec.local. A Lanier LD525 would be an Aficio MP C2550. This tells me that a lazy tech or IT changed the network name to match that of a previous machine. This in and of itself can introduce potential vulnerabilities, both actual and falsely reported. SMB signing was a problem preventing scan to anything after Windows 98 on older model Ricohs that are not up to date on their firmware. Also some of the vulnerabilities have to do with sending to the C4502.

        Comment

        • keithxxiii
          Just a tech

          250+ Posts
          • Nov 2014
          • 468
          #3
          Re: Disabling TLS 1.0 and SSL 3.0 on a MP C4502

          Some device settings can be disabled by using telnet
          Aye! Cut the crap

            Comment

            • MitchD
              Trusted Tech

              100+ Posts
              • Oct 2012
              • 164
              #4
              Re: Disabling TLS 1.0 and SSL 3.0 on a MP C4502

              Originally posted by slimslob
              I am seeing one major discrepancy on the Nexpose Security Console report. It is referring to the name as lanierld525c.mjmec.local. A Lanier LD525 would be an Aficio MP C2550. This tells me that a lazy tech or IT changed the network name to match that of a previous machine. This in and of itself can introduce potential vulnerabilities, both actual and falsely reported. SMB signing was a problem preventing scan to anything after Windows 98 on older model Ricohs that are not up to date on their firmware. Also some of the vulnerabilities have to do with sending to the C4502.
              HA! I just noticed that. I'm going on site this morning to pull down a full SMC report at the request of Ricoh Tech Support. I will double check that host name. Tech support said they are aware of an issue of the ports not being closed even tho the protocol is turned off. Engineering is working on it.

              We will see.........
              "Heavy music to the normal ear is nothing but a loud annoyance. Most people think of it as obnoxious, talentless music but to someone who really listens and is really in love with music knows how beautiful and amazing it can be" Tommy Rogers of Between The Buried and Me"

                Comment

                • MitchD
                  Trusted Tech

                  100+ Posts
                  • Oct 2012
                  • 164
                  #5
                  Re: Disabling TLS 1.0 and SSL 3.0 on a MP C4502

                  Originally posted by keithxxiii
                  Some device settings can be disabled by using telnet
                  I thought this too, I went through telnet and didn't see anything. Ricoh Tech Support is on the case. I will let you know what they say.
                  "Heavy music to the normal ear is nothing but a loud annoyance. Most people think of it as obnoxious, talentless music but to someone who really listens and is really in love with music knows how beautiful and amazing it can be" Tommy Rogers of Between The Buried and Me"

                    Comment

                    Previous template Next
                    Working...