Rapid Assessment Key Technical/Security Overview
The Rapid Assessment Key has is a stand alone application contained on a USB Key. No software is installed to the computer that the key is plugged into.
The RAK key performs a SNMP read-only query against a range of IP addresses provided to it. It does not scan IP ranges outside to those provided to it. No personal information is collected such as user or document names. Only the following information is collected from printers based on RFC 3805:
- Printer name, make and model
- Serial number
- IP Address
- MAC Address
- Page Counts
- Toner levels
- Other printer details such as Hostname, Firmware version may be detected if present on the printer.
The information collected on printers are stored locally on the RAK in a proprietary database. However, the data may be exported to a CSV file, XML file or a file format understood by several third party applications.
The Rapid Assessment Key (RAK) uses SNMP (Simple Network Management Protocol) for its scanning. It uses SNMPv2 wherever possible to cut down on network "chatter", but will fallback to SNMPv1 for devices that do not support SNMPv2. The RAK key also uses ICMP (ping) packets to aid in device discovery.
The Discovery Scan uses SNMP scanning within the internal network only, via the standard SNMP port (UDP port 161).
Once a scan has been initiated, the RAK key will generate between 30 and 50 KB of bidirectional traffice per device scanned. The RAK uses the RAM on the host computer to operate and does not write any information to the computer's disk drives.
How did we do with this article?