Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Security with USB Devices
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Fri, 5 Aug 2005 10:40:20 -0700

The same goes for USB drivers (and printer drivers). If it's in the default Windows driver.cab (I belive) then you're golden. When you add a new device to a machine, sometimes you need to provide a driver, and sometimes you don't. That's why.

Further, regular users in a domain can add new printer drivers by default though you can easily prevent this with group policy. I brought this up several years ago in regard to delivering a kernel mode rootkit via a printer driver by a non-admin user, but I've not seen anyone code it up yet.

t

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]