Re: Controlling specific USB devices on Windows XP

From the article [
http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1
]

"then unknowingly running our piece of software."

A majority of machines we find are still configured to not show
extensions of known file types yet I can easily make an executable
file with the icon from Microsoft Word. If I name my program
"creditcards.doc"[hidden].exe that a) installs the trojan and b) runs
word opening a hidden file called [whatever.doc] the end user see's
nothing special but a document appearing (provided word is installed
or whatever you want to run).

Not automatically running applications on USB drives versus having
smarter end users to not pick a USB drive up off the parking lot are
two different things.

Having policies defining what the user can and cannot do takes away
their ability to mess things up.

On 6/15/06, Harlan Carvey <keydet89@xxxxxxxxx> wrote:

> Given the recent social engineering test with USB
> devices left around
> a credit-unions lobby I would disagree.

That "test" is suspect, as it doesn't provide nearly
enough information. By default, Windows does not
parse the "load=" or "run=" lines of an autorun.inf
file from removeable media. So, the question is, what
about the "test" got the users to run the Trojan on
the USB devices?

--
Greg Merideth
Forward Technology, LLC.
CTO & Other Wild Stuff
gmerideth@xxxxxxxxxxxxxxxxxxxxx
PGP Fingerprint
D0FCCD39743A6ABF87470A87EDE382594968A60A
"10b|~10b" - Shakespeare

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Relevant Pages

  • Re: USB Flash memory Disk not present on reboot
    ... >all usb devices are automounted. ... >that with fc3 the usb drives were automounted at boot without adding ...
    (Fedora)
  • Re: [kde-linux] Cant read USB key drives
    ... On Tuesday 20 January 2009 11:53:28 Philipp Paul wrote: ... pointing to /media/DataTraveler 2.0. ... it is certainly not true that you can't read USB devices as user. ... Perhaps more relevant might be to tell us how the USB drives ...
    (KDE)