SanDisk Cruzer Micro - Page 6 - NetStumbler.org Forums

11-26-2007

#76 (permalink)

Airstreamer

Sniffin' the aether

Join Date: Nov 2004

Location: A little North of Reason

Posts: 2,700

Quote:

Originally Posted by Thorn

That sounds like this report.

Yup! Dat iz it!!

__________________
"Wait just a minute, now. Whaddya mean, you DON'T use Regedit to send email?"

11-26-2007	#77 (permalink)
audit Mentally Fucked up! Join Date: Aug 2002 Location: Deep in the Woods. Posts: 1,895	The credit union network wasn't setup correctly then IMHO. All the networks that I configure, I don't allow any traffic out except for http and https traffic. And that goes through the proxy and firewall so it's logged and anything out of the ordinary gets flagged right away. Unless the Trojan was using port 80 or 443 to send the info back, I'd be going after the guys that setup the network security. __________________ audit Blackberry Outage Mail List. Be the one of first people to know about RIM outages. Blackberry Chat Mail List. My day to day life.

11-26-2007

#78 (permalink)

Barry

Managing the iTards.

Join Date: Dec 2002

Location: Ohio

Posts: 5,185

Quote:

Originally Posted by audit

The credit union network wasn't setup correctly then IMHO. All the networks that I configure, I don't allow any traffic out except for http and https traffic. And that goes through the proxy and firewall so it's logged and anything out of the ordinary gets flagged right away. Unless the Trojan was using port 80 or 443 to send the info back, I'd be going after the guys that setup the network security.

We had, they fixed it after a year, a Wells Fargo right across the street from our vocational school with an open wireless network. It was a non-broadcasting ssid, but that was it. We went over and told them, but they weren't concerned.

__________________
Penny's giving it up. She's giving it up hard. Cause she's with Captain Hammer, and these, are not the hammer...... The hammer is my penis. --- Captain Hammer, Dr. Horrible's Sing-Along Blog.

11-26-2007	#79 (permalink)
Thorn Did you do the math? Join Date: Apr 2002 Location: Villa Straylight Posts: 9,980	Thread moved to Hardware. __________________ Thorn "You guys'll be chalk outlines without me."

11-30-2007

#80 (permalink)

Thorn

Did you do the math?

Join Date: Apr 2002

Location: Villa Straylight

Posts: 9,980

Quote:

Originally Posted by audit

I have the admin's in a separate OU and a different GPO so it doesn't affect us. And I do agree that it affects the local admin but I don't have my network setup where it would affect them. I just don't want the USB ports enabled at all.

I was thinking about this today, while at a client's in stalling a new Dell Vostro. Much of what used to have other ports has now gone to USB, specifically the keyboard, mouse, printer. The things that aren't USB are now just the display, speaker, and network. Creating a GPO turning off USB would render these PCs useless, or at least damned difficult to work. Now I'm wondering if there's some way to set a policy so that that disk device won't be allowed, but other devices would still be usable.

__________________
Thorn
"You guys'll be chalk outlines without me."

11-30-2007	#81 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,777	How to disable the use of USB storage devices __________________ It's not Intelligent Design, it's peer pressure. ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘

12-01-2007

#82 (permalink)

DaKahuna

Dirty Ol' Man

Join Date: Jan 2006

Location: If you find out, let me know!

Posts: 414

Quote:

Originally Posted by Thorn

I particpated in a demonstration with Micro$oft where only a specific brand of USB devices were able to be connected to a laptop, desktop and Dell rack mounted server using GPO on Windows Servers 2007 and Vista Enterprise. You can specify the brand of a USB device and only that brand can connect.

Another option that i am currently investigating is mandatory encryption for all removable media. If it is not encrypted using the program on the desktop/server then a USB device or CD/DVD, can only be read from but not written to.

So I would say the answer to your question is yes, it can be restricted.

12-01-2007

#83 (permalink)

Starpoint

Registered Member

Join Date: Apr 2003

Location: Houston

Posts: 2,312

Quote:

Originally Posted by Thorn

I have seen GPO's set up so that USB mice, KB, network adapters etc.. anything that is not a storage device is allowed.
And it can be tightened down from there.

__________________
Against the run of the mill, static as it seems

We break the surface tension with our wild kinetic dreams
Curves and lines -- of grand designs...

Tonight's movie "Soylent Green" has been brought to you by our sponsor - Waste Management

My mind is like a Steel trap - Rusty and Illegal in most states

01-30-2008	#84 (permalink)
renderman Drunken Stumbler Join Date: Jun 2002 Location: Anywhere but Utah Posts: 1,792	Grrrr. Had an over zealous anti virus program munch my switchblade drive so I went about installing Beakmyns version that he customized. It Failed. Back to the old switchblade. Fail Any recent re-flashes gone well? __________________ Never drink anything larger than your head! Scaramental Wine Taster for the Church Of WiFi Buy our book: RFID Security "I reject your reality, and substitute my own!" – Adam Savage CoWF WPA Hash Tables

01-30-2008

#85 (permalink)

beakmyn

root\.workspace\.garbage.

Join Date: Aug 2003

Posts: 4,777

Quote:

Originally Posted by renderman

Grrrr. Had an over zealous anti virus program munch my switchblade drive so I went about installing Beakmyns version that he customized.

It Failed.

Back to the old switchblade. Fail

Any recent re-flashes gone well?

My nearly cutting edge one is here, it's the one I run. There's a changelog in the system/src

RapidShare: 1-Click Webhosting

This uses a new format with ini file and vbs scripting for everything. Unfortunately, I'll be out of the office today but I think you can figure it out. Disable your antivirus when flashing the U3. I've had no problems with this one, Antivirus may complain when running it but since the files are on a CD-ROM partition the AV can't erase them.

Don't forget to put a file named safety.txt into your root dir to prevent scanning yourself.

__________________
It's not Intelligent Design, it's peer pressure.

┌──────────────────────────────┐
╞ NS Icons Explained|et hoc genus omne ╡
└──────────────────────────────┘

Last edited by beakmyn : 01-30-2008 at 04:55 AM.

04-21-2008	#86 (permalink)
theprez98 SpoonfeederExtraordinaire Join Date: Jan 2005 Location: Maryland Posts: 3,624	beakmyn, have you seen this? SourceForge.net: u3-autorun Replacement for Launchpad. __________________ :00475160 0E A6 AE A0 19 E3 A3 46 .......F :00475168 0D 65 17 0C 53 70 6F 6F .e..Spoo :00475170 6E 66 65 65 64 65 72 2E nfeeder. :00475178 45 78 74 72 61 6F 72 64 Extraord :00475180 69 6E 61 69 72 65 5D 3B inaire]; :00475188 8B 9E 92 5A FF 5D A6 F0 ...Z.]..