I'm unsure if this should be asked here or over on security.stackexchange.com...
Over the Easter long weekend, a small office of ours had a network breach in that an old HP printer was used to print some very offensive antisemitic documents. It appears to have happened to a number of universities in Western cultures all over the world.
Anyway... I read that it's actually a pretty basic security exploit with most networked printers. Something to do with TCP port 9100 and access to the internet. I haven't been able to find much info on the specifics of how because everyone seems too concerned with the why.
The network setup is pretty simple for the office that was affected. It has 4 PCs, 2 networked printers, an 8-port switch and a residential modem/router running an ADSL2+ connection (with static internet IP and a pretty vanilla configuration).
Is the point of weakness in the modem/router or the printer?
I've never really considered a printer as a security risk that needs to be configured, so in an effort to protect this office's network, I'd like to understand how the printers were exploited. How can I stop or block the exploit? And check or test for the exploit (or correct block of the exploit) in our other much larger offices?