Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MikePruett
Valued Contributor

Fortigate Vulnerability Scan Makes Samsung Printer Print Jibberish

Not sure if this is the right area but I figured since it is the Vulnerability scan that is built into the Fortigate I might as well post it. Scheduled some weekly vulnerability scans on my home network using the integrated vulnerability scanner on the Fortigate.

 

Well, I was in the restroom just now (12:30 at night my time) and I heard a printer kick off...I didn't know it was my printer at first so I ran in there ready to go toe to toe with an intruder.

 

Saw it was the printer and took a look. My Samsung printer was printing out random jibberish pages and one of them said "Rand-Test-User-Fortinet" a bunch of jibberish and then Squelda

 

After some digging into the firewall I realized it was running a scan.

 

I then remember that my main office experienced the same thing last week when the scan was going off at HQ (HQ also uses a Samsung printer). Needless to say, don't freak out if you run a Samsung style printer and your fortigate vulnerability scans your network and causes it to print some jibberish etc. You will be wasting paper but don't be alarmed haha.

Mike Pruett Fortinet GURU | Fortinet Training Videos
13 REPLIES 13
jb_kalm
Contributor

Interesting. Thanks for the heads up Mike! 

 

Thanks,

 

jb

Shawn_W
Contributor

Interesting.  Has anyone else experienced similar issues?  I will keep a heads up for this.  Thanks.

MikePruett
Valued Contributor

Just a heads up but I tested at another client's office. Does it to HP printers too haha

Mike Pruett Fortinet GURU | Fortinet Training Videos
picsas
New Contributor

Our Kyocera printers (different models) print the same thing.

 

But vulnerability scan is turned off on our Fortigate..

infolog
New Contributor

Good afternoon,

same problem with Lexmark printers and vulnerability scan off.. Have you find any solutions?

In our case, prints start at 0:00 and often trigger the alarm in the office 

 

many thanks in advance for your reply

 

Mirco Palandri

picsas
New Contributor

No solution for me yet.. Updated to the latest Firmware but didn't change anything.

It only happens on the internal Network where the fortigate is located too, routed subnets are not affected

infolog
New Contributor

Hi,

in firmware 5.2.3 i found the solution.

We notice that if you disable the vulnerability scan feature, the scan remains enabled.

to definitively disable it, from console use device-netscan command:

config system interface

        edit "internal interface"

              set device-netscan disable

        end

end

 

AlexFeren
New Contributor III

> We notice that if you disable the vulnerability scan feature

 

I don't believe it's possible to disable this feature (setting system global's 'gui-vulnerability-scan' to "disable" only removes "Vunerability Scan" menu from the GUI).

 

This is what I observe: Vulnerability Scan of 'assets' (see "config netscan assets") is initiated in any of these 3 ways:

1. on-demand (ie. manually), using "execute netscan start scan";

2. per schedule (see "config netscan settings") IF asset's 'scheduled' is "enable";

3. per schedule (see "config netscan settings") IF an asset's address is within the subnet of the interface whose interface (see "config system interface") has both 'device-identification' and 'device-netscan' set to "enable".

 

So, to practically disable the scanning, either: (i) remove all assets whose address is within the interface's subnet (with netscan) or (ii) disable netscan on the interface whose subnet contains assets' address.

kevinugr

Hi,

Does anyone have an update on this ?

 

Seems that I have this issue too, I have a FortiGate-100D v5.2.8

 

Is there any possibility to disable this only for a host or port number ?

Thanks

Top Kudoed Authors