What is it?
Internet Printing Protocol (IPP), as its name implies, allows computers and mobile phones to send print jobs to a printer connected to the network. It is the basis for a number of proprietary network printing services like AirPrint, IPP Everywhere and Mopria Alliance.
IPP not only allows queueing of jobs to be printed, but also allows querying the print queue and removing print jobs from the queue.
Why is it a risk?
IPP can be exposed to either your local network or the Internet at large. When exposed to the Internet, IPP can be used to determine details of your internal network that can be exploited by hackers. The ZDNet article “80,000 printers are exposing their IPP port online”, linked below, provides more details.
ShadowServer, an independent Internet security research group, rates the risk of open IPP ports as “High” due to the availability of tools to exploit the open port.
How can you mitigate the risk?
If you can, simply shut down IPP; this will mean, of course, you cannot wirelessly print documents.
Blocking the affected Port from the Internet would allow users internal to your location to print files, but not those on the wider Internet – including those working from home or on-the-road.
An much better solution is to use a Virtual Private Network (VPN) to allow only authorized users/computers to access your file system. A VPN protects all of your network traffic, not just IPP traffic.
Resources:
About IPP
https://en.wikipedia.org/wiki/Internet_Printing_Protocol
ZDNet: 80,000 printers are exposing their IPP port online
https://www.zdnet.com/article/80000-printers-are-exposing-their-ipp-port-online/
ShadowServer: Open IPP Report
https://www.shadowserver.org/what-we-do/network-reporting/open-ipp-report/
