Robert Lemos, SecurityFocus 2006-06-25
Workers have become more wary of putting giveaway CDs in their company's computers, but USB flash drives are another story.
Colapse all |
Post comment
USB drives pose insider threat
2006-06-27
Anonymous
Anonymous
I read the original article that this referenced a while back and thought it was unclear just exactly if/how these auditors secured the return communications channel for their trojan. A friend and occasional colleague of mine wrote up why these particular auditors may have been too clever, and might...
[ more ] [ reply ]
[ more ] [ reply ]
USB drives vs. other media
2006-06-27
Anonymous (1 replies)
Anonymous (1 replies)
While USB drives are a threat I think there is a lot of hype surrounding them and bigger issues go unnoticed. Encryption and password protection is important for any mobile workforce. An unencrypted laptop drive or a blackberry without a password would likely provide more useful information to a t...
[ more ] [ reply ]
[ more ] [ reply ]
Re: USB drives vs. other media
2006-06-28
Anonymous
Anonymous
These problems have always been around from the days of floppies. USB drive is another, albeit bigger medium. The same rules/policies still apply. I worked on a project where developers were required to take the laptops home everynight because they were being stolen overnight inside the supposedly s...
[ more ] [ reply ]
[ more ] [ reply ]
Quick fix to disable USB drives on 2K/XP
2006-06-27
Gordon Fecyk
Gordon Fecyk
There's a Group Policy defenition available on XP Pro to disable removable devices, but for those stuck with 2K or who have standalone PCs, or who otherwise don't use Group Policy, someone showed me a real nifty trick.
Remove all permissions from the USB storage device driver INF file.
Yes, ev...
[ more ] [ reply ]
Remove all permissions from the USB storage device driver INF file.
Yes, ev...
[ more ] [ reply ]
USB drives pose insider threat
2006-06-27
Anonymous (1 replies)
Anonymous (1 replies)
This is news?
Come on - USB drives have been an security issue since they came out. In fact, you also have to consider any form of removable media, including CD's.
At some companies like Lockheed and other DOD-type environments, employees can't bring ANYTHING into their work environment, inclu...
[ more ] [ reply ]
Come on - USB drives have been an security issue since they came out. In fact, you also have to consider any form of removable media, including CD's.
At some companies like Lockheed and other DOD-type environments, employees can't bring ANYTHING into their work environment, inclu...
[ more ] [ reply ]
Re: USB drives pose insider threat
2006-10-27
Jeremy Horne, Ph.D.
Jeremy Horne, Ph.D.
Two observations:
In any environment where security is a concern, you must operate as a guard in a maximum security prison. USB thumb-sized storage devices, while they may be prohibited, are small enough to be hidden - even in body orifices. One need only look at what does occur in a prison to se...
[ more ] [ reply ]
In any environment where security is a concern, you must operate as a guard in a maximum security prison. USB thumb-sized storage devices, while they may be prohibited, are small enough to be hidden - even in body orifices. One need only look at what does occur in a prison to se...
[ more ] [ reply ]
USB drives pose insider threat
2006-06-27
Anonymous
Anonymous
The point we should be taking from this article is not that the USB drives pose a threat, like cd's and floppies used to, but that as IT security professionals, we need to focus more on user training and awareness than we do now. User's are still the biggests security hole any company has and a Pow...
[ more ] [ reply ]
[ more ] [ reply ]
USB drives pose insider threat
2006-06-27
Juha-Matti Laurio
Juha-Matti Laurio
One difficult part of this referenced case was to locate the USB sticks to the building(s) without employees knowledge. In real life, this is a quite difficult, always.
Without passing this risk, absolutely no, it appears that a lot of hype from companies providing protection to this threat is incl...
[ more ] [ reply ]
Without passing this risk, absolutely no, it appears that a lot of hype from companies providing protection to this threat is incl...
[ more ] [ reply ]
USB drives pose insider threat
2006-07-10
Anonymous (1 replies)
Anonymous (1 replies)
There are so many problems with this article. First, if I have physical access to the environment in order to "seed" compromised USB's (or any other media for that matter) then the organization has other issues. If I have physical access to your system, it's as good as mine anyway, and I can speci...
[ more ] [ reply ]
[ more ] [ reply ]
Re: USB drives pose insider threat
2006-07-25
Tom
Tom
Read the links. The actual description of the attack stated "...I then proceeded to scatter the drives in the parking lot...."
Just because you have access to the parking lot doesn't mean you have physical access to the system.
Many companies have areas frequented by the public and employees both,...
[ more ] [ reply ]
Just because you have access to the parking lot doesn't mean you have physical access to the system.
Many companies have areas frequented by the public and employees both,...
[ more ] [ reply ]
Software solution to block USB Flash Drive
2006-07-12
Leonardo Cardoso (2 replies)
Leonardo Cardoso (2 replies)
We have an product to block USB FLash Drive on Windows Systems.
It will only block USB FLash Drive. Any other device
will keep working.
Anyone interested, contact me at:
lcardoso at automatos.com
Thanks...
[ more ] [ reply ]
It will only block USB FLash Drive. Any other device
will keep working.
Anyone interested, contact me at:
lcardoso at automatos.com
Thanks...
[ more ] [ reply ]
[ more ] [ reply ]