Re: Security with USB Devices

From: xyberpix (xyberpix@xyberpix.com)
Date: Fri Aug 05 2005 - 14:13:48 EDT

• Next message: H D Moore: "Re: How to get a reverse Shell / VNC from a writable directory on a remote web server."
• Previous message: okrehel@loews.com: "Re: AD password Auditing"
• In reply to: Kurt Buff: "Re: Security with USB Devices"
• Next in thread: Alan Davies: "RE: Security with USB Devices"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sounds good to me ;-)

/me quickly swaps hats back to the one he wears at work

On 3 Aug 2005, at 21:41, Kurt Buff wrote:

> H D Moore wrote:
>
>> This is the toy I use, it works on Windows 2000+, but can take a few
>> seconds for the driver to get installed and the autorun to execute:
>> - http://www.hsc-us.com/consumer/usb_flashdrive/UDRW.html
>>
>> -HD
>>
>> On Tuesday 26 July 2005 09:51, NewYork User wrote:
>>
>>
>>> List,
>>>
>>> Does any one know a good program to "autorun" from USB drive on a
>>> windows 2000 or an XP machine? I have tried the traditional
>>> Autorun.inf but didn't have any luck.
>>>
>
> Ye Gods! Doesn't this make anyone even a little nervous? Autorun
> from a
> CD drive is bad enough, dontcha think? Being able to walk up to a
> machine and stick that in the port and autoinfect, or worse autocopy,
> seems to be a huge risk to me.
>
> I can see it now - someone on the night cleaning crew walks into the
> CFO's office, sticks that thing into the front USB port on her PC, and
> walks away with the My Documents folder. No muss, no fuss, no need to
> even turn on the monitor.
>
> Kurt
>
>
>
> ----------------------------------------------------------------------
> --------
> FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That
> You Don't
>
> Learn the hacker's secrets that compromise wireless LANs. Secure your
> WLAN by understanding these threats, available hacking tools and
> proven
> countermeasures. Defend your WLAN against man-in-the-Middle attacks
> and
> session hijacking, denial-of-service, rogue access points, identity
> thefts and MAC spoofing. Request your complimentary white paper at:
>
> http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
> ----------------------------------------------------------------------
> ---------
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFC86xccRMkOnlkwMERAtjHAJ0XBcbcZgTVe9IAMVAtV5Hc8qPFAwCfS5lg
VMWqQNQYgyVGXJuPST4K5m4=
=TbBH
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

• Next message: H D Moore: "Re: How to get a reverse Shell / VNC from a writable directory on a remote web server."
• Previous message: okrehel@loews.com: "Re: AD password Auditing"
• In reply to: Kurt Buff: "Re: Security with USB Devices"
• Next in thread: Alan Davies: "RE: Security with USB Devices"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:42 EDT