Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Develops USB Storage Device Detector

Posted by kdawson on from the don't-bogart-that-thumb-drive dept.

Hugh Pickens writes "Bob Brewin writes on NextGov that the National Security Agency has developed a software tool that detects thumb drives or other flash media connected to a network. The NSA says the tool, called the USBDetect 3.0 Computer Network Defense Tool, provides 'network administrators and system security officials with an automated capability to detect the introduction of USB storage devices into their networks. This tool closes potential security vulnerabilities; a definite success story in the pursuit of the [Defense Department] and NSA protect information technology system strategic goals.' The tool gathers data from the registry on Microsoft Windows machines (PDF) and reports whether storage devices, such as portable music or video players, external hard drives, flash drives, jump drives, or thumb drives have been connected to the USB port. 'I have a hunch that a bunch of other agencies use the detection software,' writes Brewin."

1 of 233 comments (clear)

  1. Re:Useless Tool... by ironicsky · · Score: 5, Informative

    Agreed. You can either change the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor and/or deny anyone who is not an admin access to the following files in the NTFS %SystemRoot%\Inf\Usbstor.pnf and %SystemRoot%\Inf\Usbstor.inf and they wont be able to mount a US drive... Password protect the bios and disable the USB storage there too.

    Of course this only works for Windows, linux users and Mac users can simply be denied access to the device chain in /dev/