Could someone have changed my fax header remotely?

Discussion in 'hardware' started by fleming4, Jun 25, 2018.

  1. fleming4

    fleming4 Registered Member

    Joined:
    Jun 25, 2018
    Posts:
    3
    Location:
    USA
    I have an HP Officejet Pro 8600 all-in-one, bought several years ago. It is wirelessly connected to our home wifi network. We have several PCs and iPads which connect regularly to the printer for wireless printing. I recently discovered that the fax header (which appears at the top of outgoing faxing) was changed to something very inappropriate. I'm trying to figure out if this could have been done remotely by someone hacking in through the wifi router, or could this only have been done by someone accessing the machine directly in person? Thanks in advance.
     
  2. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    I don't see how it could be done, except by someone who knows not only your wireless passphrase but also the admin password to your HP Officejet - or as you suggested, by someone physically in your home accessing the HP directly in person.

    I used to have an HP OfficeJet Pro 8600 myself. And it required a password to access its internal admin menu and fax settings remotely via the network. I have a different HP now and it too requires a password to access remotely. But I just checked if I could change the fax header from the printer's front panel without entering any password. And I can! :(

    Got a kid in the house?

    Regardless, I sure would change your router's admin password, the wifi passphrase and the printer's webserver/admin password too. Don't pick the dog's name or your house address. Use a strong password/passphrase no one can guess. And, as always, never write your passwords down. Use a password manager program.

    Make sure your wireless network uses the best security mode possible (WPA2-AES or WPA2 Personal if all your connected devices support that). You can also limit the devices that are allowed to connect with MAC Filtering - this is a bit tedious to setup and a clever person can by-pass it. But for most people, it will prevent devices you have not added (with their own unique MAC addresses) from connecting. Another option is to limit the number of devices that can connect at one time. If you only have 6 devices (computers, TVs, cell phones, smart refrigerators, etc.) you can tell most routers to only allow that many devices at once.

    Most routers also allow you to limit access time. My Linksys router lets me turn on and off wifi access based on the day of the week, and the hours each day.
     
  3. fleming4

    fleming4 Registered Member

    Joined:
    Jun 25, 2018
    Posts:
    3
    Location:
    USA
    Thanks for the reply, Bill. My Officejet Pro does not require an admin password to access via the computer. By double-clicking on the HP icon on my desktop, one can directly access all the machine's settings. Unfortunately, our wifi password is not as secure as it should be (and will be very soon). Given this, do you feel it is possible someone could have accessed the fax header section of the "Manage Fax Settings" through the HP icon on my notebook computer, which is linked via wifi to the Officejet? Or could someone who was logged in to the wifi network have been able to access the fax settings directly through the network without going through the computer?
     
  4. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    You should be able to set the admin password to the printer. See page 224 of your manual. If no password was set, then anyone from any computer on your network could have changed that.
     
  5. fleming4

    fleming4 Registered Member

    Joined:
    Jun 25, 2018
    Posts:
    3
    Location:
    USA
    Thanks for your help.
     
  6. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Sure.

    Just in case, I would make sure all your computers are fully updated, and you run a malware scan too.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.