Re: USB ports Network

[MaddHatter <maddhatt+securitybasics () cat pdx edu>]

> Each drive will create an admin share.  You can simply look at how many
> admin shares your machines have (try to map to f$, g$, etc through
> script.)

An admin share will only appear if there is plugged in a USB mass
storage device at the time the scan takes place. This doesn't tell you
anything about the state of the USB ports themselves, nor does it reveal
any USB non-mass-storage devices.

I don't have an a ready example I can give you, but you should be able to
write a WMI script that looks for instances of Win32_USBController and/or
Win32_USBHub (which will enumerate the root hubs if they are enabled
in the BIOS and Windows has loaded a driver for them). Just look for an
example of a WMI script that enumerates hotfixes or users or something,
and change the class name to Win32_USB*.

WMI will let you connect remotely to other computers if you have admin
rights on them (and access to the DCOM ports), so a script could iterate
over all the computers in your domain (which could also be pulled via
the same script from AD if you wanted).

If you have WMI questions, you can ask here or you might get better
help from the MS WMI-related newsgroups.