Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: USB Usage Policy

from [Alexandre Skyrme] Network Security [Permanent Link]
Subject: RE: USB Usage Policy
Date: Mon, 22 Nov 2004 16:28:11 -0200 
Greetings John,

Recently there was a thread on the Forensics list about blocking USB write
attempts. You can search for it on one of the list's archives, it was
entitled "USB Write Blocker but going the other way?!".

You could also take a look at a registry setting for XP SP2 that allows one
to prevent write operations to USB block storage devices. The link was also
posted on the refered Forensics thread:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2otech.mspx
#ECAA

Tipically in cases like that you'll need a combo of technical measures
preventing users from using such devices and a good written policy that you
must make your users aware of, with applicable penalties in case of
non-compliance.

Regards,
--
Alexandre Skyrme
Cipher - Segurança da Informação
+55-21-2529-2629
www.ciphersec.com.br
 
Esta mensagem eletrônica pode conter informações privilegiadas e/ou
confidenciais, portanto fica o seu receptor notificado de que qualquer
disseminação, distribuição ou cópia não autorizada é estritamente proibida.
Se você recebeu esta mensagem indevidamente ou por engano, por favor,
informe este fato ao remetente e a apague de seu computador imediatamente.

This e-mail message may contain legally privileged and/or confidential
information, therefore, the recipient is hereby notified that any
unauthorized dissemination, distribution or copying is strictly prohibited.
If you have received this e-mail message inappropriately or accidentally,
please notify the sender and delete it from your computer immediately.




-----Original Message-----
From: John Madden [mailto:chiwawa999@yahoo.com] 
Sent: quinta-feira, 18 de novembro de 2004 19:46
To: security-basics@securityfocus.com
Subject: USB Usage Policy


Hi,

I was wondering if anyone had a USB usage policy or if
an organization as already put one together. I've
searched but couldn't find one.

My focus is USB Strorage devices.

Basicly i'm looking for ammo for not using them. 

Thank you


                
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - Get yours free! 
http://my.yahoo.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  FW: Changing IP address as standard user, Luis Osorio
Next by Date:  FW: SQLServer SA password recovery, Barbara Filkins
Previous by Thread:  USB Usage Policy, John Madden
Next by Thread:  Re: USB Usage Policy, Deborah Talley
Indexes:  [Date] [Thread] [Top] [All Lists]