HP Jetdirect Security Guidelines
Page 11
... # 11 An example of the contents of the TFTP daemon's home directory • Forces HP Jetdirect to DHCP if a BOOTP server is unavailable. Many customers associate BOOTP/TFTP with very little administration overhead once configured. breaks SNMP management tools snmp-config:0 # # if SNMP must be provided here. An example UNIX configuration will be enabled...
... # 11 An example of the contents of the TFTP daemon's home directory • Forces HP Jetdirect to DHCP if a BOOTP server is unavailable. Many customers associate BOOTP/TFTP with very little administration overhead once configured. breaks SNMP management tools snmp-config:0 # # if SNMP must be provided here. An example UNIX configuration will be enabled...
HP Jetdirect Administrator's Guide
Page 47
# # Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to 10 'allow' entries can be written through TFTP. # Up to 10 'allow' entries can be written through Telnet # or embedded Web server. # 'allow' may include single IP ...addresses. # allow: 192.168.10.0 255.255.255.0 # # # Disable Telnet # telnet-config: 0 # # Enable the embedded Web server # ews-config: 1 # # Detect SNMP unauthorized usage # auth-trap: on # # Send Traps...
# # Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to 10 'allow' entries can be written through TFTP. # Up to 10 'allow' entries can be written through Telnet # or embedded Web server. # 'allow' may include single IP ...addresses. # allow: 192.168.10.0 255.255.255.0 # # # Disable Telnet # telnet-config: 0 # # Enable the embedded Web server # ews-config: 1 # # Detect SNMP unauthorized usage # auth-trap: on # # Send Traps...
HP Jetdirect Administrator's Guide
Page 48
Table 3.2 lists supported TFTP commands (HP Jetdirect firmware version V.28.xx or later). Table 3.2 List of Supported TFTP Commands (1 of 2) General ● passwd: ● ssl-state: ● sys-location: ●... ● 9100-printing: ● interlock: ● ftp-printing: ● buffer-packing: ● ipp-printing: ● write-mode: ● lpd-printing: ● mult-tcp-conn: ● banner: TCP/IP Raw Print Ports ● raw-port: TCP/IP Access Control ● allow: netnum [mask] TCP/IP Other Settings ● syslog-config: ● ipv4-multicast: ● ...
Table 3.2 lists supported TFTP commands (HP Jetdirect firmware version V.28.xx or later). Table 3.2 List of Supported TFTP Commands (1 of 2) General ● passwd: ● ssl-state: ● sys-location: ●... ● 9100-printing: ● interlock: ● ftp-printing: ● buffer-packing: ● ipp-printing: ● write-mode: ● lpd-printing: ● mult-tcp-conn: ● banner: TCP/IP Raw Print Ports ● raw-port: TCP/IP Access Control ● allow: netnum [mask] TCP/IP Other Settings ● syslog-config: ● ipv4-multicast: ● ...
HP Jetdirect Administrator's Guide
Page 49
...; auth-trap: ● get-cmnty-name: ● trap-dest: ● set-cmnty-name: IPX/SPX ● ipx-config: ● ipx-nds-context: ● ipx-unit-name: ● ipx-job-poll: ● ipx-frametype: ● pjl-banner: ● ipx-sapinterval...ipx-nds-tree: ● pjl-toner-low: AppleTalk ● appletalk: ● name-override: DLC/LLC ● dlc/llc-config: Other Settings ● link-type: ● MFP-config: ● upgrade: ● usb-mode: ● webscan-config: ● status-page-lang: ● scan-idle-timeout: ● network-select: ● scan-email...
...; auth-trap: ● get-cmnty-name: ● trap-dest: ● set-cmnty-name: IPX/SPX ● ipx-config: ● ipx-nds-context: ● ipx-unit-name: ● ipx-job-poll: ● ipx-frametype: ● pjl-banner: ● ipx-sapinterval...ipx-nds-tree: ● pjl-toner-low: AppleTalk ● appletalk: ● name-override: DLC/LLC ● dlc/llc-config: Other Settings ● link-type: ● MFP-config: ● upgrade: ● usb-mode: ● webscan-config: ● status-page-lang: ● scan-idle-timeout: ● network-select: ● scan-email...
HP Jetdirect Administrator's Guide
Page 51
... sent to TCP port 9100 on the Jetdirect configuration page. domain-name: The domain name for the device (for printing each time the print server is limited to print through FTP: 0 disables, 1 (default) enables. TCP/IP Print Options 9100-printing: (9100-config:) Enables or disables printing to the printer for example, support.hp.com). Table 3.3 TFTP Configuration File Parameters (2 of...
... sent to TCP port 9100 on the Jetdirect configuration page. domain-name: The domain name for the device (for printing each time the print server is limited to print through FTP: 0 disables, 1 (default) enables. TCP/IP Print Options 9100-printing: (9100-config:) Enables or disables printing to the printer for example, support.hp.com). Table 3.3 TFTP Configuration File Parameters (2 of...
HP Jetdirect Administrator's Guide
Page 52
... bit is set . 1: all-push option. For current HP Jetdirect print servers, the Port Number is allowed to close a Port 9100 print connection. lpd-printing: (lpd-config:, lpd:) Enables or disables LPD (Line Printer Daemon) printing services on all data packets. Valid ports are 3000 to ...(interlock-mode:) Specifies whether an acknowledgement (ACK) on the Jetdirect print server. 0 disables, 1 (default) enables. write-mode: Controls the setting of 12) ipp-printing: (ipp-config:, ipp:) Enables or disables the ability to print through IPP: 0 disables, 1 (default) enables. ENWW TCP...
... bit is set . 1: all-push option. For current HP Jetdirect print servers, the Port Number is allowed to close a Port 9100 print connection. lpd-printing: (lpd-config:, lpd:) Enables or disables LPD (Line Printer Daemon) printing services on all data packets. Valid ports are 3000 to ...(interlock-mode:) Specifies whether an acknowledgement (ACK) on the Jetdirect print server. 0 disables, 1 (default) enables. write-mode: Controls the setting of 12) ipp-printing: (ipp-config:, ipp:) Enables or disables the ability to print through IPP: 0 disables, 1 (default) enables. ENWW TCP...
HP Jetdirect Administrator's Guide
Page 53
...information, see Chapter 7. The default is an address mask of hosts that can be sent by the HP Jetdirect print server on the print server: 0 disables, 1 (default) enables. By default, the HP Jetdirect print server uses LPR as the source facility code, but local user values of local0 through local7 can be used...syslog messages is 8, messages of all hosts are reported. This setting allows administrators to . The filter range is not required. slp-config: Enables or disables the Service Location Protocol (SLP) operation on a per minute. If there are no entries, all priorities are...
...information, see Chapter 7. The default is an address mask of hosts that can be sent by the HP Jetdirect print server on the print server: 0 disables, 1 (default) enables. By default, the HP Jetdirect print server uses LPR as the source facility code, but local user values of local0 through local7 can be used...syslog messages is 8, messages of all hosts are reported. This setting allows administrators to . The filter range is not required. slp-config: Enables or disables the Service Location Protocol (SLP) operation on a per minute. If there are no entries, all priorities are...
HP Jetdirect Administrator's Guide
Page 54
... user-specified LPD queues 5 through UDP port 5353) where a conventional DNS server is disabled. mdns-config: Enables or disables Multicast Domain Name System (mDNS) services. 0 disables, 1 (default) enables. mdns-pri-svc: Specifies the mDNS highest priority service to use for printing.To set to a -1, multicast capability is neither used on the printer, typically...
... user-specified LPD queues 5 through UDP port 5353) where a conventional DNS server is disabled. mdns-config: Enables or disables Multicast Domain Name System (mDNS) services. 0 disables, 1 (default) enables. mdns-pri-svc: Specifies the mDNS highest priority service to use for printing.To set to a -1, multicast capability is neither used on the printer, typically...
HP Jetdirect Administrator's Guide
Page 55
...config: (web:) Enables or disables the print server's embedded Web server to be automatically disconnected. ENWW TCP/IP Configuration 55 The default is 15 seconds. The default is 270 seconds. The default is 5 - 120 seconds. tcp-mss: (subnets-local:) Specifies the maximum segment size (MSS) that the HP Jetdirect print server... for use of other hosts to remain open. telnet-config: (telnet:) If set to 0, this parameter is set to allow incoming Telnet connections. If this parameter instructs the print server not to 1, incoming Telnet connections are assumed to change...
...config: (web:) Enables or disables the print server's embedded Web server to be automatically disconnected. ENWW TCP/IP Configuration 55 The default is 15 seconds. The default is 270 seconds. The default is 5 - 120 seconds. tcp-mss: (subnets-local:) Specifies the maximum segment size (MSS) that the HP Jetdirect print server... for use of other hosts to remain open. telnet-config: (telnet:) If set to 0, this parameter is set to allow incoming Telnet connections. If this parameter instructs the print server not to 1, incoming Telnet connections are assumed to change...
HP Jetdirect Administrator's Guide
Page 56
dhcp-arbitration: Specifies the amount of time, in seconds, that the print server will be set to 0, the refresh rate is 5 seconds. phone-home-config: Specifies privacy settings on the print server during a forced TCP/IP reconfiguration (for example, when powered off/on or manually ... the time interval (1 -99999 seconds) for DHCP configuration offers. SNMP snmp-config: Enables or disables SNMP operation on the print server. 0 disables, 1 (default) enables SNMP. In addition, firmware upgrades through current HP downloading utilities will disable all SNMP agents (SNMP v1, v2, v3) as...
dhcp-arbitration: Specifies the amount of time, in seconds, that the print server will be set to 0, the refresh rate is 5 seconds. phone-home-config: Specifies privacy settings on the print server during a forced TCP/IP reconfiguration (for example, when powered off/on or manually ... the time interval (1 -99999 seconds) for DHCP configuration offers. SNMP snmp-config: Enables or disables SNMP operation on the print server. 0 disables, 1 (default) enables SNMP. In addition, firmware upgrades through current HP downloading utilities will disable all SNMP agents (SNMP v1, v2, v3) as...
HP Jetdirect Administrator's Guide
Page 57
..."public"; Authentication traps indicate that determines which SNMP SetRequests (control functions) the HP Jetdirect print server will respond to. The port number cannot be ASCII characters. IPX/SPX ipx-config: (ipx/spx:) Enables or disables IPX/SPX protocol operation on ." The ...trap-destination:) Enters a host's IP address into the HP Jetdirect print server's SNMP trap destination list. The list may limit configuration access through the print server's host access list). auth-trap: (authentication-trap:) Configures the print server to three entries. If a "trap-community-name"...
..."public"; Authentication traps indicate that determines which SNMP SetRequests (control functions) the HP Jetdirect print server will respond to. The port number cannot be ASCII characters. IPX/SPX ipx-config: (ipx/spx:) Enables or disables IPX/SPX protocol operation on ." The ...trap-destination:) Enters a host's IP address into the HP Jetdirect print server's SNMP trap destination list. The list may limit configuration access through the print server's host access list). auth-trap: (authentication-trap:) Configures the print server to three entries. If a "trap-community-name"...
HP Jetdirect Administrator's Guide
Page 58
..., that specifies the NDS context for print jobs in a print queue. AppleTalk appletalk: (at-config:, ethertalk:) Enables or disables AppleTalk (EtherTalk) protocol operation on the network. ipx-sapinterval: Specifies the time interval (1 to the print server (31 characters maximum). ipx-job-poll: Specifies the time interval (seconds) that the HP Jetdirect print server waits between Service Advertising Protocol (SAP...
..., that specifies the NDS context for print jobs in a print queue. AppleTalk appletalk: (at-config:, ethertalk:) Enables or disables AppleTalk (EtherTalk) protocol operation on the network. ipx-sapinterval: Specifies the time interval (1 to the print server (31 characters maximum). ipx-job-poll: Specifies the time interval (seconds) that the HP Jetdirect print server waits between Service Advertising Protocol (SAP...
HP Jetdirect Administrator's Guide
Page 59
...: To configure one peripheral. 0 (default): disables client software support (allows printing only). 1: enables client software support (allows printing and scanning). scan-email-config: Enable or disable the scan-to-email feature in -one or more Jetdirect print servers with your multifunction or all-in the Web Scan server. 0 disables, 1 (default) enables. Other Settings link-type: (10/100...
...: To configure one peripheral. 0 (default): disables client software support (allows printing only). 1: enables client software support (allows printing and scanning). scan-email-config: Enable or disable the scan-to-email feature in -one or more Jetdirect print servers with your multifunction or all-in the Web Scan server. 0 disables, 1 (default) enables. Other Settings link-type: (10/100...
HP Jetdirect Administrator's Guide
Page 79
... Manual configuration. ENWW TCP/IP Configuration 79 general Disables the Advanced commands. General Command Description passwd Set the administrator password (shared with the embedded Web server and HP Web Jetadmin). advanced Enables the Advanced commands. Note If a parameter is entered twice for editing, and importing through Telnet or TFTP (this password.... that "jd1234" is supplied dynamically (for a user name and this command is only supported by a cold reset. To set Manual configuration, see the ip-config command. Telnet Commands and Parameters.
... Manual configuration. ENWW TCP/IP Configuration 79 general Disables the Advanced commands. General Command Description passwd Set the administrator password (shared with the embedded Web server and HP Web Jetadmin). advanced Enables the Advanced commands. Note If a parameter is entered twice for editing, and importing through Telnet or TFTP (this password.... that "jd1234" is supplied dynamically (for a user name and this command is only supported by a cold reset. To set Manual configuration, see the ip-config command. Telnet Commands and Parameters.
HP Jetdirect Administrator's Guide
Page 83
....254.x.x. ip-config Specify the configuration method: manual: The print server will send BOOTP requests on the network for the print server. Status will send DHCP requests on the print server. ip IP address for dynamic IP configuration. If you should manually change the print server's IP address. The value 0.0.0.0 disables the subnet mask. Note: If the HP Jetdirect print server is NPIxxxxxx...
....254.x.x. ip-config Specify the configuration method: manual: The print server will send BOOTP requests on the network for the print server. Status will send DHCP requests on the print server. ip IP address for dynamic IP configuration. If you should manually change the print server's IP address. The value 0.0.0.0 disables the subnet mask. Note: If the HP Jetdirect print server is NPIxxxxxx...
HP Jetdirect Administrator's Guide
Page 84
... IPP. 0 disables, 1 (default) enables. (TCP port 631) lpd-printing Enables or disables the ability to the HP Jetdirect print server. pri-wins-svr The IP address of the primary DNS (Domain Name System) server. TCP/IP Print Options Command Description 9100-printing Enables or disables printing to use with supported Scan devices. ENWW TCP/IP Configuration 84 smtp-svr...
... IPP. 0 disables, 1 (default) enables. (TCP port 631) lpd-printing Enables or disables the ability to the HP Jetdirect print server. pri-wins-svr The IP address of the primary DNS (Domain Name System) server. TCP/IP Print Options Command Description 9100-printing Enables or disables printing to use with supported Scan devices. ENWW TCP/IP Configuration 84 smtp-svr...
HP Jetdirect Administrator's Guide
Page 86
....0.0.0 255.0.0.0 allows hosts on the HP Jetdirect print server. In this case, the default mask 255.255.255.255 is assumed and is an address mask of bits applied to the network number and host address to the syslog server. TCP/IP Other Command Description syslog-config Enables or disables syslog server operation on a per minute. For...
....0.0.0 255.0.0.0 allows hosts on the HP Jetdirect print server. In this case, the default mask 255.255.255.255 is assumed and is an address mask of bits applied to the network number and host address to the syslog server. TCP/IP Other Command Description syslog-config Enables or disables syslog server operation on a per minute. For...
HP Jetdirect Administrator's Guide
Page 87
...is persistent and is used by selected HP software applications (through UDP port 427) to the device, in the form .local. Apple Rendezvous will depend on the network to send multicast packets on the printer, typically port 9100 printing or LPD binps. mDNS Domain Name...this device or service. mdns-config Enables or disables Multicast Domain Name System (mDNS) services. 0 disables, 1 (default) enables. mdns-pri-svc Specifies the mDNS highest priority service to use for Service Location Protocol (SLP) packets. The default value is used on the print server: 0 disables, 1 (...
...is persistent and is used by selected HP software applications (through UDP port 427) to the device, in the form .local. Apple Rendezvous will depend on the network to send multicast packets on the printer, typically port 9100 printing or LPD binps. mDNS Domain Name...this device or service. mdns-config Enables or disables Multicast Domain Name System (mDNS) services. 0 disables, 1 (default) enables. mdns-pri-svc Specifies the mDNS highest priority service to use for Service Location Protocol (SLP) packets. The default value is used on the print server: 0 disables, 1 (...
HP Jetdirect Administrator's Guide
Page 88
... MSS=536 bytes for remote networks. 2: All networks are not affected. tcp-mss Specifies the maximum segment size (MSS) that the HP Jetdirect print server will not be automatically disconnected. The default is 270 seconds. ENWW TCP/IP Configuration 88 The default is 15 seconds. If set to... connection is 900 seconds. 0 disables the timeout. cold-reset Sets TCP/IP factory default settings. ews-config Enables or disables the print server's embedded Web server. 0 disables, 1 (default) enables. Table 3.4 Telnet Commands and Parameters (10 of 18) ipv4-multicast Enables or disables the ...
... MSS=536 bytes for remote networks. 2: All networks are not affected. tcp-mss Specifies the maximum segment size (MSS) that the HP Jetdirect print server will not be automatically disconnected. The default is 270 seconds. ENWW TCP/IP Configuration 88 The default is 15 seconds. If set to... connection is 900 seconds. 0 disables the timeout. cold-reset Sets TCP/IP factory default settings. ews-config Enables or disables the print server's embedded Web server. 0 disables, 1 (default) enables. Table 3.4 Telnet Commands and Parameters (10 of 18) ipv4-multicast Enables or disables the ...
HP Jetdirect Administrator's Guide
Page 89
... The default is not assigned. dhcp-arbitration Specifies the amount of time, in seconds, that the print server will wait for example, when powered off/on . dhcp-fqdn-config dhcp-fqdn-behavior Specifies configuration control of the Fully Qualified Domain Name (FQDN), using a manual configuration... (for DHCP configuration offers. AUTO_IP: sets a link-local IP address 169.254.x.x. default-ip Specifies the IP address to use when the print server is unable to obtain an IP address from 1 to 10 may be assigned. 1: A gateway is 5 seconds. Table 3.4 Telnet Commands ...
... The default is not assigned. dhcp-arbitration Specifies the amount of time, in seconds, that the print server will wait for example, when powered off/on . dhcp-fqdn-config dhcp-fqdn-behavior Specifies configuration control of the Fully Qualified Domain Name (FQDN), using a manual configuration... (for DHCP configuration offers. AUTO_IP: sets a link-local IP address 169.254.x.x. default-ip Specifies the IP address to use when the print server is unable to obtain an IP address from 1 to 10 may be assigned. 1: A gateway is 5 seconds. Table 3.4 Telnet Commands ...