Security Basics mailing list archives
RE: USB and smart drives
From: "Benny Late" <lvmygop () hotmail com>
Date: Fri, 05 Mar 2004 09:47:00 -0600
We have NAI av in place. It's up to date and functions very very well. I appreciate all the replies!
B
From: "ken kousky" <kkousky () ip3inc com>To: "'Benny Late'" <lvmygop () hotmail com>, <security-basics () lists securityfocus com>Subject: RE: USB and smart drives Date: Fri, 5 Mar 2004 07:23:00 -0500 Reading and writing to usb drives are system events that can be addressed through event logging technologies. We work with InfoExpress, I use only as an example, as a tool to map a written policy on information usage into system policies where the actual data flows can be logged AND blocked if the policy so designates.Remember, if you're going to write policy, you want to be able to enforce itand audit it. In terms of scanning the data flows, that's the role of desktop a/v's and the issue is when you trigger scans. Every time a file is moved, when the system boots, etc. Which client a/v are you using? KWK -----Original Message----- From: Benny Late [mailto:lvmygop () hotmail com] Sent: Thursday, March 04, 2004 3:18 PM To: security-basics () lists securityfocus com Subject: USB and smart drives Has anyone implemented a policy or process to protect networks from viruses brought in by users with USB drives, that are not company issued so no passwords etc.I'm thinking that AV with on access and write to disc scans should help, butI'd like to see some of the policies others have implemented. Many thanks, Benny _________________________________________________________________ Learn how to help protect your privacy and prevent fraud online at Tech Hacks & Scams. http://special.msn.com/msnbc/techsafety.armx --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
_________________________________________________________________Frustrated with dial-up? Lightning-fast Internet access for as low as $29.95/month. http://click.atdmt.com/AVE/go/onm00200360ave/direct/01/
---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- USB and smart drives Benny Late (Mar 04)
- RE: USB and smart drives ken kousky (Mar 08)
- Re: USB and smart drives Murad Talukdar (Mar 08)
- <Possible follow-ups>
- RE: USB and smart drives Mike (Mar 08)
- Re: USB and smart drives steve (Mar 08)
- RE: USB and smart drives ken kousky (Mar 09)
- RE: USB and smart drives Aditya, ALD [Aditya Lalit Deshmukh] (Mar 10)
- Re: USB and smart drives steve (Mar 08)
- RE: USB and smart drives Benny Late (Mar 08)