Unauthorized print jobs

Many networked printers here and at other sites recently began exhibiting problems in which the printer spewed out all of its available paper by printing out advertisements, offensive pictures and text, or gibberish.  

IMSS does not recommend leaving networked printers exposed to the public Internet, since typically there are a variety of abuse-prone services enabled on such printers.  If your printer is not behind a firewall and does not have built-in access controls that allow you to restrict access at the network level, we recommend configuring your printer to use a static IP address, and then requesting that Information Security block that IP address at the campus border routers.  If you won't be able to do this quickly and your printer has been printing out unauthorized print jobs, take the printer offline in the meantime, and only reconnect it when you will be using it.  If you're not sure whether your printer has built-in access controls, please contact the Help Desk (x3500, help@caltech.edu or https://help.caltech.edu) for assistance, and provide the printer's make and model information.

To request a static IP address, go to https://help.caltech.edu and select "IMSS-->Network, Wireless & Remote Access-->Host and Address Requests", then provide the following information:

Name of Responsible Party (RP) or systems administrator to act as a point of contact for this device
Building and Room where the device is connected to the campus network
Phone Number of RP (optional)
RP's Caltech Email Address (preferably your @caltech.edu email address)
Desired Hostname to be assigned to the device, if any.

If you're not sure if the printer has a static IP address, the Help Desk can assist you.

You must configure the printer to use the assigned static IP address once it’s issued.  Once that's done, contact Information Security by going to https://help.caltech.edu and selecting "IMSS-->Information Security —> Security - General to request that the static IP address for your printer be blocked at the border routers.