Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Disabling USB mass storage

from [Steven Hay] Network Security [Permanent Link]
Subject: RE: Disabling USB mass storage
Date: Fri, 4 Mar 2005 13:17:40 -0700 
I'm not sure I entirely understand the question Weber.  If we can get a GPO
in our organization that will successfully supress USB drives it should stop
an Ipod and any MP3 device from working, but testing would let us/you know
for sure.

-----Original Message-----
From: Weber Ress [mailto:weber_ress@hotmail.com] 
Sent: March 4, 2005 11:09 AM
To: Steven Hay
Cc: 'focus-ms@securityfocus.com'
Subject: Re: Disabling USB mass storage


Hi,

The GPO works with an Apple IPod ??

Thank's

Weber Ress


Steven Hay wrote:

Removable drives, yes.

If we can do it by GPO then we're hoping we can decide what 
systems/users can be allowed to use removable storage devices (like 
camera's, USB drives, etc).  Ideally we'd like to have it so a few 
manager's systems are allowed, as well as IT staff.

-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] 
[mailto:sbradcpa@pacbell.net]
Sent: March 3, 2005 10:14 PM
To: Steven Hay
Cc: 'focus-ms@securityfocus.com'
Subject: Re: Disabling USB mass storage


HOW TO: Disable the Use of USB Storage Devices in Windows XP: 
http://support.microsoft.com/default.aspx?scid=kb;en-us;823732

Disable completely?

Steven Hay wrote:



Good topic question, one we're having issues with as well, but with XP
SP1.

We want to disable any removable drives from working on our 400+
workstations without having to visit each one.

I tried denying access to usbstor.sys in the GPO, and confirmed that
the policy was applied to our test system.  But it seems like the 
system privliges override the GPO rights (I'm guessing) as the 
removable drive letter pops up and is usable when a USB drive is 
connected.

Anyone have any experience with locking these down using GPO?

Steve

-----Original Message-----
From: Moser, Scott [mailto:scott.moser@smead.com]
Sent: March 3, 2005 12:40 PM
To: Martin a Marika TYDOROVCI; focus-ms@securityfocus.com
Subject: RE: Disabling USB mass storage


Create new key
HKLM\System\CurrentControlSet\Control\StorageDevicePolicies
and then create REG_DWORD called WriteProtect and set to 1.  This will
prevent write only (not read) in XP SP2 only.

-----Original Message-----
From: Martin a Marika TYDOROVCI [mailto:tydy@szm.sk]
Sent: Wednesday, March 02, 2005 2:10 PM
To: focus-ms@securityfocus.com
Subject: Disabling USB mass storage

Hi list,

Does anyone knows a way to disable USB mass storage device in Win XP? 
I
need to disable using devices such as USB flash drive, card readers, 
etc.

Regards

----------------------------------------------------------------------
-
-
---
------------------------------------------------------------------------
---



----------------------------------------------------------------------
-
----
--------------------------------------------------------------------------

-

Please note that Internet email is not always private, secure or reliable.
The sender accepts no liability for any damages caused by any virus
inadvertently transmitted with this email.  Any opinion expressed in this
email is solely that of the author, unless clearly indicated otherwise.
This email, and any attachments, may contain confidential and/or


proprietary


information that is intended only for use by the addressee.  If you 
are not the intended recipient, any use, dissemination, forwarding, 
printing, or copying of this email is strictly prohibited.  If you 
received this email


in


error, please delete the email and advise the sender of the delivery 
error.

----------------------------------------------------------------------
-
----
--------------------------------------------------------------------------

-










---------------------------------------------------------------------------
---------------------------------------------------------------------------
Please note that Internet email is not always private, secure or reliable.
The sender accepts no liability for any damages caused by any virus
inadvertently transmitted with this email.  Any opinion expressed in this
email is solely that of the author, unless clearly indicated otherwise.
This email, and any attachments, may contain confidential and/or proprietary
information that is intended only for use by the addressee.  If you are not
the intended recipient, any use, dissemination, forwarding, printing, or
copying of this email is strictly prohibited.  If you received this email in
error, please delete the email and advise the sender of the delivery error.

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Disabling USB mass storage, Kurt Dillard
Next by Date:  RE: computer account password...., Brady McClenon
Previous by Thread:  RE: Disabling USB mass storage, Kurt Dillard
Next by Thread:  Re: Disabling USB mass storage, browro
Indexes:  [Date] [Thread] [Top] [All Lists]