Setting up remote network printers is not substantially different from the local setup process, but because SUSE Linux 10 gives you a choice, let's show you how to set this up in the KDEPrint wizard. To open KDEPrint, go to Printers in the KDE menu. Figure 7.7 shows you the existing printers it has autodetected. Figure 7.7. KDEPrint displays autodetected and manually added printers.Click Add to select your remote printer. You have several choices of network printer interfaces. Both Network Printer and Network Printer w/IPP options allow you to scan your network for printers to connect to. The Remote CUPS Server and Remote LPD Queue (which you should only use if the printer you are trying to use does not support CUPS) require you to enter an IP address manually. When you select Network Printer, Figure 7.8 appears. Figure 7.8. Scan your network for available printers with this wizard screen.Click Scan to check your network for printers, which will appear in the main window on the left. If you know the location of the printer already, you can also enter the address and port manually. Click Next to confirm your settings. To connect to a remote CUPS server, you must know the IP address of the server. You will first be asked if the remote server requires authentication, or is anonymous. If necessary, type your username and password for the CUPS server (which may be the same as your SUSE Linux login). Click next, and enter the IP address of the server, and the wizard will connect to the address. Confirm your settings, and you're in. You can also connect to Windows printers through Samba. See Chapter 25, "Setting Up Networks and Samba," for more information on this. As a last resort, SUSE Linux also will try to connect with remote CUPS servers that may be available on the Internet. As noted previously, CUPS uses the Internet Printing Protocol to connect to printers. Network printers can thus communicate with CUPS clients via port 631. If configured properly, the network printer can send out broadcast packets when it is available for printing jobs. In the YaST Printer Configuration dialog box (refer to Figure 7.1), you can set your computer to Listen to Remote CUPS Servers to Get Comfortable Access to Remote Queues. The problem with this method is that you risk the possibility that an attacker sends IPP broadcasts to your computer announcing available print queues, and you accidentally print to a counterfeit queue. You may believe the job is sent to a local server, whereas in reality it is sent to the attacker's server. To use this method, port 631/UDP must be open for incoming packets from the network, but not from outside your network or the Internet. The way to solve this problem is to configure the SUSE Firewall appropriately. This means enabling listening only via the Internal Network interface, not the External (Internet) interface. If your firewall is not turned on when you configure your printer, you are putting your print data at risk. If necessary, open the YaST Firewall module and turn it on before setting up Listen mode (you can have two YaST modules open simultaneously). Pay attention to how the Firewall has identified your Internal and External interfaces, because you will need to know the External interface in the Printer setup. When you have the firewall turned on, go back to the Printer setup and click Change next to the line telling you Port for Listening to Remote CUPS Servers is Closed by Firewall. Now check the Open Port in Firewall box; the Firewall Details button will become active. Click the button; both interfaces will be checked, but won't be identified as Internal and External. Uncheck the box matching the External interface. Click OK to confirm your choice and return to the main Printer menu; then click Finish to complete the operation. |