# Ethernet to USB adapter -- can I use one with a printer?



## tito_john (May 18, 2007)

I'd never heard of Ethernet to USB adapters, but they're out there. I can't seem to figure out exactly what they can be used for, though. It appears you can use one (EDIT) to connect to a wired network (/EDIT) if your laptop doesn't have an Ethernet port.

If the signal levels, logic and timing are compatible for the above use, I wonder if I could use one to connect my personal laser printer (not an all-in-one) to my network?

Both my printer servers are WEP only; new ones here are upwards of $80. I just moved into an urban environment where it's prudent to use better security.

I have an unused game adapter (Linksys WGA54G) that can use WPA, but it has only an Ethernet port. The printer has only USB and parallel printer ports.


----------



## rodcarty (Mar 23, 2011)

I doubt you could use a USB to Ethernet adapter on a printer as it requires driver software installed on the device you plug the USB connector into.

I don't see that there is much risk in not having your printers secure. I suppose someone might hack your wireless network and send a huge print job to the printer, wasting ink and paper, perhaps putting undesirable content on paper in your new place, but otherwise what can they do?

The only risk I see is if your computer's connection to the router is using only WPA, because you might have your computer hacked then. I recommend you add MAC address restrictions to the router. Unless you're using a D-Link this should make the wireless quite sufficiently secure. (Don't waste your time configuring this if you're using a D-Link as it probably won't work properly.) On LinkSys routers you can look at the clients list in the Status tab and it gives you the MAC address. Just copy/paste those into your MAC address allowed list. This will add further security to your wireless connections to your printers as well, although if the printers are set to ad-hoc topology then they'll accept print jobs from any wireless device. (If you can, set them to Infrastructure mode so they only accept traffic fromt he router.)


----------



## fairnooks (Oct 1, 2007)

I don't think MAC address restrictions slow a real hacker down much since they can just clone one after WPA is dispensed with and they're in.


----------



## Rockn (Jul 29, 2001)

I have never heard of such an adapter. Just get a good quality wireless print server with USB and ethernet.


----------



## zx10guy (Mar 30, 2008)

That is correct. MAC address restrictions do very little to nothing in slowing a hacker. It can be more of a nuissance to deal with MAC address restrictions than any little security it provides. I have been running MAC address restrictions on my APs but will probably remove the feature in favor of a much much more secure scheme of 802.1x.

As far as why you would want to protect your printer, it is every bit of a security vulnerability to your network as a regular PC. Depending on the functionality of your printer, most printers run some sort of print server type serivce. This sub system runs an OS just like any other PC and has buffer space, etc. The obvious vulnerability would be exposing the data you send to the printer but the other less thought about vulnerability is malicious code being placed in the printer. There was a published sutdy a while ago where a hacker showed how they were able to infiltrate a network by imbedding code into an HP printer with a Jet Direct card. Because the network administrators were only concerned about the PCs and not the printers, the hacker was able to walk the network and launch attacks against various PCs and servers.

Just something to think about.


----------



## rodcarty (Mar 23, 2011)

It's true it's possible to clone the MAC address and thus gain access to the network. That assumes the device that owns that MAC is not active at the time. It also assumes a higher than average level of expertise in the hacker in order to find the MAC address and clone it. I suppose it's possible that even a home network could be hacked in this way, although I don't see that it would bring much return for the hacker.

Good information about hacking a network through the printer, thanks.


----------



## Hughv (Jul 22, 2006)

In my area I used to see a lot of them. The cable ISP used them to connect PCs that had no Ethernet card. My Tivo runs off one to this day.



Rockn said:


> I have never heard of such an adapter. Just get a good quality wireless print server with USB and ethernet.


----------



## zx10guy (Mar 30, 2008)

rodcarty said:


> It's true it's possible to clone the MAC address and thus gain access to the network. That assumes the device that owns that MAC is not active at the time. It also assumes a higher than average level of expertise in the hacker in order to find the MAC address and clone it. I suppose it's possible that even a home network could be hacked in this way, although I don't see that it would bring much return for the hacker.
> 
> Good information about hacking a network through the printer, thanks.


You'd be surprised how easy it is to clone MACs. It doesn't require anyone with much expertise to do it. There are how to guides available if you do a search and readily available tools which make the process almost "plug and play."

No problem with the info about hacking a networked printer. Glad you found it useful.


----------



## tito_john (May 18, 2007)

rodcarty said:


> I doubt you could use a USB to Ethernet adapter on a printer as it requires driver software installed on the device you plug the USB connector into.


That sounds right, but the USB connector is going into the printer. I guess you mean at the computer end of what would be a USB cable, except now we're trying to substitute an Ethernet cable, and that's pointing at a TCP/IP stack in the router, not a printer driver in the computer.  Too bad.

The more I think about this, the less sure I am of what I know and what I don't know (and what I think I know that ain't so!). I'd thought about putting the printer in the DMZ with the legacy printer server and no encryption, but I didn't think I could. Will a wireless AP allow simultaneous connections on the LAN side with encrypted and non-encrypted wireless adapters? I thought not.

I asked a question on the DD-WRT site about using two routers, one with WPA2 and one with WEP for the printers, on different networks with some hocus-pocus in the routing tables. There weren't many replies, but the consensus was that I had my head up my butt if I thought I could do that securely.


----------



## Rockn (Jul 29, 2001)

I understand what you are referring to now as a USB ethernet adapter, but I doubt it will ever work plugging it into the USB port of a printer. Unless it is a wireless print server or similar device it will not work. THere is no login on the USB key or the printer itself to manage that adapter. All it is basically is an antenna.


----------



## zx10guy (Mar 30, 2008)

So if you really want to do isolation of your printer using WEP, here is what you can do.

Yes, there are APs out there which support multiple encryption types (to include no encryption) at the same time. The catch is that each encryption type requires a different SSID associated with it. In addition, the APs provide SSID separation via VLANs into your wired network. So you'll need to have a switch that understands 802.1Q VLAN tagging. Next comes the requirement to have a router/firewall with interfaces sitting on both VLANs to allow traffic to route between the two. The router/firewall has to be set up such that the proper traffic flow is allowed and the ones you want to secure against are blocked. I have this running on my home network now with two Netgear SMB APs.

I can't speak for DD-WRT or other firmware hacks but you might be able to use software of this type that might support multiple SSIDs and encryption types. If it supports this along with the ability to create VLAN interfaces, then you can have what I described above all running in a single box.


----------



## zx10guy (Mar 30, 2008)

USB to network adapters will only work on a device if the device's firmware/OS has support for it. Most likely your printer will not have this support.


----------



## tito_john (May 18, 2007)

Thanks to all of you, and especially to you, zx10guy. I'll poke around and see what my router is capable of. The language barrier will be a bit daunting, though. 

And I'm sure this little Brother laser -- an HL-2040 -- has nothing but the very stripped down support inside it.

I just hate to throw those printer servers away and buy new ones...


----------

