631 - Internet Printing Protocol(IPP)

👉 Overview

👀 What ?

Internet Printing Protocol (IPP) is a network protocol for remote printing and printer management developed by Printer Working Group (PWG). It is based on HTTP and provides a standard protocol for users to send print jobs to printers on a different network or over the internet.

🧐 Why ?

IPP is important because it allows for remote printing, making it possible for users to print documents from anywhere. It is also crucial for printer management, allowing for tasks like querying printer capabilities, managing print jobs, and notifying the user of printer events. Understanding IPP is essential for network administrators to secure their printing environments, as vulnerabilities in the protocol can be exploited for data exfiltration or other attacks.

⛏️ How ?

To use IPP, you'll need a printer that supports the protocol and a client device with IPP client software. The client sends an HTTP request to the printer's IPP listener, which processes the request and sends back an HTTP response. The requests and responses are made up of IPP attributes, which define the operation to be performed and the job parameters. To secure your IPP environment, you should ensure that your printers are up-to-date with the latest firmware, use secure IPP (IPPS) where possible, and restrict access to your printers to trusted users and networks.

⏳ When ?

The Internet Printing Protocol was first introduced in the late 1990s and has been widely adopted since then.

⚙️ Technical Explanations

The Internet Printing Protocol (IPP) is a network protocol that allows remote printing and printer management. It operates over HTTP, leveraging its transport and security features. IPP introduces a new MIME media type, application/ipp, which is used for the data in the HTTP entity-body.

An IPP message is composed of an operation and a set of attributes. Each operation is identified by an operation-id, and the attributes elaborate the operation parameters. The protocol supports a variety of operations. For instance, the Print-Job operation sends a document to be printed, the Get-Printer-Attributes operation queries a printer's capabilities, and the Get-Job-Attributes operation retrieves the current status of a print job.

Security in IPP is maintained by the underlying HTTP layer. HTTPS provides secure communication, safeguarding the data being transferred. Moreover, authentication, authorization, and access control can be implemented at this layer, ensuring that only authorized users can access and perform operations on the printer.

To use IPP, a printer that supports the protocol and a client device with IPP client software are required. The client sends an HTTP request to the printer's IPP listener. This listener processes the request and sends back an HTTP response. The requests and responses consist of IPP attributes, which define the operation to be performed and the job parameters.

For a secure IPP environment, it is essential to keep the printers updated with the latest firmware, use secure IPP (IPPS) wherever possible, and restrict printer access to trusted users and networks.

IPP was first introduced in the late 1990s and since then it has been widely adopted due to its ability to enable printing from any location and robust printer management features.

Here's a detailed, educational example of using the Internet Printing Protocol (IPP):

Suppose you need to print a document from your client device to a network printer that supports IPP. Here are the steps to achieve this:

  1. Setup: Ensure that your printer supports IPP and is connected to the network. Also, your client device should have IPP client software installed.
  2. Discover Printer: Use a command like lpstat -v to discover available printers on the network. This command lists all the available printers with their URIs. You should see a URI that looks something like ipp://printer's IP address/ipp/port1.
  3. Print Job: To send a print job to the printer, you can use a command like lp -d <printer_name> <file_path>. This command sends a Print-Job operation to the printer. Replace <printer_name> with the name of your printer and <file_path> with the path to the document you want to print.
  4. Get Attributes: To retrieve the printer's capabilities, you can send a Get-Printer-Attributes operation. This can be done using the ipptool utility with a command like ipptool -tv ipp://printer's IP address/ipp/port1 get-printer-attributes.test. The get-printer-attributes.test file should contain an IPP Get-Printer-Attributes request.
  5. Check Job Status: To check the status of your print job, you can use the lpstat -o <printer_name> command. This sends a Get-Job-Attributes operation to the printer to retrieve the current status of your print job.
  6. Secure Your Environment: To secure your IPP environment, it's recommended to use IPPS (Secure IPP) when possible. This can be done by using HTTPS in your printer URI, like ipps://printer's IP address/ipp/port1. Also, keep your printer's firmware up-to-date and restrict access to your printer to trusted users and networks.

Remember, this is an educational example. In a real-world scenario, you would need to replace the placeholders with actual values that match your network and printer setup.

We use cookies

We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.