Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Unless you have IPv6 turned on ... in which case many of these printers will automatically grab an IPv6 and be publicly accessible.


Depends. Some builds of Tomato (Toastman's for sure) put a firewall up on IPv6 by default. Asus's firmware does NOT firewall IPv6 at all. If you have shell access to your router, I suggest putting up a firewall on IPv6. The following should work (change br0 to the bridged LAN interface and eth0 to the WAN interface, sometimes it's a vlan):

  ip6tables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
  ip6tables -A FORWARD -i eth0 -o br0 -p all -j DROP
  ip6tables -A FORWARD -i br0 -j ACCEPT
  ip6tables -A FORWARD -o br0 -j ACCEPT
  ip6tables -A FORWARD -j DROP
Of course insert whatever open ports you want after the first line.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: