Security Basics mailing list archives
Re: USB Qusetion
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Thu, 11 Jan 2007 11:09:36 -0800
u have to modify HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\SERVICES\USBSTOR search for it on google. u will have lot of batch files and other info. on a separate note: As it turns out employees don't like their external storage device to be "fully encrypted" or "blocked", and manually creating encrypted vaults/folders on the device is too cumbersome and error prone. People forget to save the files in the encrypted folder or create a backup in the non-encrypted portion etc. The alternative is to use encryption suites that provide policy based encryption. Some examples: Securewave Device Control (http://www.securewave.com/usb_security.jsp) Credant (http://www.credant.com/content/view/219/152/) Onigma (http://www.mcafee.com/us/enterprise/products/data_loss_prevention/index.html) Pointsec (http://www.pointsec.com/products/removablemedia/) DiskNet Pro (http://www.reflex-magnetics.com/products/disknetpro/) These products only encrypt information bound for external storage media from a protected system. Everything else remains decrypted. Pointsec Media Encryption provides encryption for removable media by policy such that all data added to the media bound data is encrypted. A fully automatic encryption would cause issues for devices (e.g. digital cameras and media players), where the media should be readable, but if not modified (e.g. written back) then it should stay clear text. That is why PME "only" encrypts data if it is being copied from the company computer. saqib http://www.full-disk-encryption.net On 10 Jan 2007 23:48:45 -0000, blufuzion () mail com <blufuzion () mail com> wrote:
Hello, I am new to the list.I am a new network admin and my boss wants me to disable usb drives from reading USB/thumb drives but still be able to use the mouse and keyboards. I was thinking of disabling them in the BIOS. Can you give me any suggestions? --------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
-- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net --------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- USB Qusetion blufuzion (Jan 11)
- Re: USB Qusetion Kelly Martin (Jan 11)
- RE: USB Qusetion Nick Duda (Jan 12)
- Re: USB Qusetion Saqib Ali (Jan 12)
- RE: USB Qusetion Tom Geairn (Jan 12)
- Re: USB Qusetion Justin Lintz (Jan 12)
- RE: USB Qusetion Nick Vaernhoej (Jan 12)
- Re: USB Qusetion David Bergert (Jan 12)
- RE: USB Qusetion David Gillett (Jan 12)
- RE: USB Qusetion Ricky Artigas (Jan 15)
- Re: USB Qusetion Eric McMillen (Jan 12)
- Re: USB Qusetion Joel W Pauling (Jan 12)
- Re: USB Qusetion Hitesh Bhardwaj (Jan 12)
- <Possible follow-ups>
- Re: USB Qusetion jay.tomas (Jan 12)
(Thread continues...)
- Re: USB Qusetion Kelly Martin (Jan 11)