[Web4lib] hacking Time Management system thru USB

Thomas Bennett bennetttm at appstate.edu
Fri May 23 10:24:52 EDT 2008


Try this, assuming you are using a Windows PC, which was not stated in your 
post: in Explorer go to \windows\system32\drivers\USBSTOR.SYS, right-click on 
it, and choose Properties from the context menu.  Choose the Security tab.  I 
think you will find Administrators, Users, and other accounts there.  If your 
machine does not log in as Administrator, click on the Users label.  If the 
values for Read & Execute are gray then you will need to click on the 
Advanced button and disable inherited permissions.  You should be able to 
uncheck the Read & Execute check box.  

I haven't tried this, but it looks to me like that should do it.  If you allow 
users to otherwise use USB devices then you may want to make sure Read, 
Write, and Modify are allowed. 

There is a good slide show where I found this at 
http://www.slideshare.net/wagnerelias/usb-security

It also shows other security approaches for USB.



This disables USB sticks altogether:
http://www.petri.co.il/disable_usb_disks.htm

It gives directions to change the key 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
to a value of 4 to block usage of USB Removable Disks.
Change to 3 to re-enable.


Tom


On Thursday 22 May 2008 15:19, Simmons, Chris wrote:
> Hi, we've had a couple security breaks from users using Flash Drives. We
> suspect it may be a result of using Auto Start to run programs from behind
> the shell. We tried replicating with a U3 drive but couldn't, maybe we
> don't have the devious mind of a hacker ): Has anybody had any experience
> with this? We're hoping to disable certain .exe files as locking down USB
> access (as our IT security may suggest) would be overkill and not at all
> feasible with our public needs. Thanks!
> Chris Simmons
> Desktop Librarian
> Ottawa Public Library
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/

-- 
====================================================================
Thomas McMillan Grant Bennett		Appalachian State University
Operations & Systems Analyst		P O Box 32026
University Library			Boone, North Carolina 28608
(828) 262 6587

"... using OpenOffice.org, and save them back to disk automatically,
in MS Word format.  They surf the Web, check e-mail, do instant 
messaging, view YouTube videos, visit their Facebook pages, learn 
touch-typing skills and lots more.  Our public library has been 
offering these Linux public stations for the past three years."
 - Phil Shapiro Linux Journal January 2008

Library Systems Help Desk: https://www.library.appstate.edu/help/
====================================================================
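
An audit of the two controls mentioned in this message (the USBSTOR registry key and the permissions on USBSTOR.SYS), as an added PowerShell example that is not part of the original post. It assumes the value changed under the key is the service's `Start` value, which the message does not name; the `-Disable` and `-Enable` switches are this example's own.

```powershell
# Added example: reports the state of the two USB storage controls above.
# Read-only by default; -Disable / -Enable write the registry and need elevation.
param(
    [switch]$Disable,   # set Start = 4 (block USB removable disks)
    [switch]$Enable     # set Start = 3 (re-enable)
)

$svcKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
$driver = Join-Path $env:SystemRoot 'System32\drivers\USBSTOR.SYS'

if ($Disable -and $Enable) { throw 'Choose either -Disable or -Enable, not both.' }

# 1. Registry control. Assumption: "Start" is the value under the USBSTOR key.
if (-not (Test-Path $svcKey)) {
    Write-Warning 'USBSTOR service key not found.'
} else {
    if ($Disable) { Set-ItemProperty -Path $svcKey -Name Start -Value 4 -Type DWord }
    if ($Enable)  { Set-ItemProperty -Path $svcKey -Name Start -Value 3 -Type DWord }
    $start = (Get-ItemProperty -Path $svcKey -Name Start).Start
    $state = switch ($start) {
        3       { 'enabled' }
        4       { 'disabled' }
        default { "other start type ($start)" }
    }
    "USBSTOR Start = $start : USB storage driver $state"
}

# 2. File-permission control: list which accounts hold Read & Execute on the
#    driver file, and whether each entry is inherited (inherited entries are
#    the ones that show as gray in the Security tab).
if (Test-Path $driver) {
    $rx = [System.Security.AccessControl.FileSystemRights]::ReadAndExecute
    (Get-Acl -Path $driver).Access |
        Where-Object { ($_.FileSystemRights -band $rx) -eq $rx } |
        Select-Object IdentityReference, AccessControlType, IsInherited |
        Format-Table -AutoSize
} else {
    Write-Warning "$driver not found."
}
```

Run it without switches on a public workstation to record the current state before changing anything.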



