RE: Disabling USB mass storage
From: Steven Hay (shay_at_communitysavings.ca)
Date: 03/04/05
- Previous message: Kurt Dillard: "RE: Disabling USB mass storage"
- Maybe in reply to: Martin a Marika TYDOROVCI: "Disabling USB mass storage"
- Next in thread: browro_at_samc.com: "Re: Disabling USB mass storage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: 'Weber Ress' <weber_ress@hotmail.com> Date: Fri, 4 Mar 2005 13:17:40 -0700
I'm not sure I entirely understand the question Weber. If we can get a GPO
in our organization that will successfully supress USB drives it should stop
an Ipod and any MP3 device from working, but testing would let us/you know
for sure.
-----Original Message-----
From: Weber Ress [mailto:weber_ress@hotmail.com]
Sent: March 4, 2005 11:09 AM
To: Steven Hay
Cc: 'focus-ms@securityfocus.com'
Subject: Re: Disabling USB mass storage
Hi,
The GPO works with an Apple IPod ??
Thank's
Weber Ress
Steven Hay wrote:
> Removable drives, yes.
>
> If we can do it by GPO then we're hoping we can decide what
> systems/users can be allowed to use removable storage devices (like
> camera's, USB drives, etc). Ideally we'd like to have it so a few
> manager's systems are allowed, as well as IT staff.
>
> -----Original Message-----
> From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> [mailto:sbradcpa@pacbell.net]
> Sent: March 3, 2005 10:14 PM
> To: Steven Hay
> Cc: 'focus-ms@securityfocus.com'
> Subject: Re: Disabling USB mass storage
>
>
> HOW TO: Disable the Use of USB Storage Devices in Windows XP:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;823732
>
> Disable completely?
>
> Steven Hay wrote:
>
>
>>Good topic question, one we're having issues with as well, but with XP
>>SP1.
>>
>>We want to disable any removable drives from working on our 400+
>>workstations without having to visit each one.
>>
>>I tried denying access to usbstor.sys in the GPO, and confirmed that
>>the policy was applied to our test system. But it seems like the
>>system privliges override the GPO rights (I'm guessing) as the
>>removable drive letter pops up and is usable when a USB drive is
>>connected.
>>
>>Anyone have any experience with locking these down using GPO?
>>
>>Steve
>>
>>-----Original Message-----
>>From: Moser, Scott [mailto:scott.moser@smead.com]
>>Sent: March 3, 2005 12:40 PM
>>To: Martin a Marika TYDOROVCI; focus-ms@securityfocus.com
>>Subject: RE: Disabling USB mass storage
>>
>>
>>Create new key
>>HKLM\System\CurrentControlSet\Control\StorageDevicePolicies
>>and then create REG_DWORD called WriteProtect and set to 1. This will
>>prevent write only (not read) in XP SP2 only.
>>
>>-----Original Message-----
>>From: Martin a Marika TYDOROVCI [mailto:tydy@szm.sk]
>>Sent: Wednesday, March 02, 2005 2:10 PM
>>To: focus-ms@securityfocus.com
>>Subject: Disabling USB mass storage
>>
>>Hi list,
>>
>>Does anyone knows a way to disable USB mass storage device in Win XP?
>>I
>>need to disable using devices such as USB flash drive, card readers,
>>etc.
>>
>>Regards
>>
>>----------------------------------------------------------------------
>>-
>>-
>>---
>>------------------------------------------------------------------------
>>---
>>
>>
>>
>>----------------------------------------------------------------------
>>-
>>----
>>--------------------------------------------------------------------------
-
>>Please note that Internet email is not always private, secure or reliable.
>>The sender accepts no liability for any damages caused by any virus
>>inadvertently transmitted with this email. Any opinion expressed in this
>>email is solely that of the author, unless clearly indicated otherwise.
>>This email, and any attachments, may contain confidential and/or
>
> proprietary
>
>>information that is intended only for use by the addressee. If you
>>are not the intended recipient, any use, dissemination, forwarding,
>>printing, or copying of this email is strictly prohibited. If you
>>received this email
>
> in
>
>>error, please delete the email and advise the sender of the delivery
>>error.
>>
>>----------------------------------------------------------------------
>>-
>>----
>>--------------------------------------------------------------------------
-
>>
>>
>>
>>
>
>
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Please note that Internet email is not always private, secure or reliable.
The sender accepts no liability for any damages caused by any virus
inadvertently transmitted with this email. Any opinion expressed in this
email is solely that of the author, unless clearly indicated otherwise.
This email, and any attachments, may contain confidential and/or proprietary
information that is intended only for use by the addressee. If you are not
the intended recipient, any use, dissemination, forwarding, printing, or
copying of this email is strictly prohibited. If you received this email in
error, please delete the email and advise the sender of the delivery error.
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Kurt Dillard: "RE: Disabling USB mass storage"
- Maybe in reply to: Martin a Marika TYDOROVCI: "Disabling USB mass storage"
- Next in thread: browro_at_samc.com: "Re: Disabling USB mass storage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
