Decent IT administrators secure their networks behind firewalls. They install mail filters on their SMTP servers and deploy anti-virus software on all client workstations. But securing the network is not sufficient -- what happens if the users bring their own USB memory sticks and connect them to the computers at their office? A 1 Gb USB stick can sometimes hold an entire company's vital data. Within minutes or even seconds an employee has all the files they need in order to start up their own business and take all the customers with them. Alternatively, what happens if a careless user accidentally compromises the network with an infected USB stick?
.................................................. ...................................
To disable the access to USB port, in windows XP and 2000
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate, and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\UsbStor
4. In the right pane, double-click Start.
5. In the Value data box, type 4, click Hexadecimal (if it is not already selected), and then click OK.
6. Quit Registry Editor.
To re-enable a disabled port:
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate, and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\UsbStor
4. In the right pane, double-click Start.
5. In the Value data box, type 3, click Hexadecimal (if it is not already selected), and then click OK.
6. Quit Registry Editor.
.................................................. .....................................
disable write access to USB port so that data files cannot be written to the mass storage device. The USB thumb drive will be read-only.
Open the Windows Registry and open the following key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\StorageDevicePolicies
Now add a new DWORD called WriteProtect and put the value as 0 to disable write privileges to the USB port. To reverse the step, either delete the WriteProtect REG_DWORD or toggle the value to 1 which will enable the port.
Remember that the above trick works only with Windows XP SP2.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment