2014-04-22

Because I specially mentioned Windows Print Shares in the LaserJet 1012 Windows 7 fix guide, I feel like I should explain why I said what I did about Windows Print Shares, and why I personally feel the security on them is downright terrible on so many levels. I do not know everything about Print Shares, but I know enough to understand how horrible the security is.

If you have read the guide before I wrote this, you will know I made specific mentions of Windows Print Shares, and that it is very ill-advised to implement one-just in case you missed the guide before I opted to make it private until I have more time to finalize everything, I said the following things in Step 7

It's probably better you don't share it, and pick up a used JetDirect if you need this printer on a network-JetDirect print servers have better security then a Windows Print Share.

You're also better off with a JetDirect print server if you run Linux machines, too-Print Shares in Linux tend to be very flaky and usually don't work out so well, due to them being made for Windows.



Why did I say this? Well, it’s because I genuinely believe Windows Print Shares are best avoided, unless it’s your only option to network a printer

There are 3 major problems with this, and I am prepared to explain them, and why I took the route I did with discussing Windows Print Shares.

1) Abysmal security on your shared devices

I say this for a few reasons. On any Windows PC you connect to a Print Share, you only need to know 2 things to use it and these things are the PC name, and the printer share name-there is NO level of security on Print Shares to prevent someone from using your printer without your permission, and if they want to use it all they need is your share name and computer name to use it. There is no option to lock your printer down to require an administrator’s username to install it, and authenticate said user onto your print shares. I will say it is a little bit better in this regard on Macintosh computers, because in order to use Windows print shares you need an administrator account name to use it, but you can also enter guest for the username and you don’t even need a password to see the print shares at that point-just select the printer you want, and it installs as if it was on Windows. You can also use this guest exploit to print, even if you do not know the computer administrators account name and password, too. This will last the life of the Print Share and can not be corrected, or even locked down to be slightly better.

This page is all you will ever need to get the PC name if you ever wanted access to a printer on an Windows Print Share



2)JetDirect Print Servers tend to be more secure, even if they are older models

if you take a look at Step 16 in the screenshot I have provided for the JetDirect print servers the LaserJet 1012 supports officially, you will notice there is one Wireless print server this machine supports, while the rest are wired models. The JetDirect WP110 Wireless Print Server is basically it’s own dedicated host on your network, and acts independent on the Network, so it isn’t tied to your computer to be on the network like Windows Print Shares are tied to the machine to be on the network, but security wise the JetDirect WP110 also supports printer connection encryption, so anyone who wants to use your printer has to know the “key” to use it, which means they have to come to you, the server Administrator to get authorization to use the printer, which a Windows Print Share will not allow(recall I said anyone with your PC name can find your printer on Windows, and anyone with a Mac just needs your Admin account, or know guest works in place of the admin account unless this is blocked on your computer the printer is being shared from), and thus allows you to better manage who has access to your printer-a much better setup. The JetDirect WP110 only supports WEP due to it being an 802.11b print server, but despite the bad reputation WEP gets compared to WPA encryption, this is world’s better then what is essentially open printer access on a Windows Print Share. This also allows for centralized printer administration that cannot be changed by the person running the computer.



3) Linux support

Let’s face it-Windows Print Shares only work well on Mac and Windows computers. They can work in Linux, but in my experience this is they very rarely end up working, and if they do it’s usually very, very flaky. These print shares also seem to have trouble connecting to the printer at times, even with it set up correctly. If you run Linux machines, you need a JetDirect for reliable network access anyway. I would also go as far as calling a JetDirect a requirement with Linux computer setups if you intend to network the printer.

Will I ever write a guide on how to set up a print share one day? Maybe, but I need to study Print Shares more in depth and find more holes to patch in the setup process, that reasonably can be without breaking it and that may very well be too limited for me to consider it. So as it stands I am going to back what I said about Print Shares in Windows 110% unless someone can prove to me the security on Print Shares isn't this bad.

⟐ Edited April 21, 2014 at 6:59 pm -0700

Show more