From: Yonatan Bokovza (Yonatan@xpert.com)
Date: Mon May 31 2004 - 10:52:26 EDT
> -----Original Message-----
> From: Jerry Shenk [mailto:jshenk@decommunications.com]
> Sent: Friday, May 28, 2004 05:06
> To: pen-test@securityfocus.com
> Subject: USB delivered attacks
>
>
> I recently inserted some guy's USB drive into a machine and was a but
> surprised when it went into an auto-run sequence. I think turning off
> auto-run is a REALLY good idea. On a USB drive, it seems
> like it could
> be really dangerous. Has anybody messed with this?
I used this attack with autorun on a CD-ROM.
This is why disabling autoruns should be a part of any hardening
process. It is also another good reason to keep physical security tight.
http://support.microsoft.com/support/kb/articles/Q155/2/17.ASP
Best Regards,
Yonatan Bokovza
IT Security Consultant
Xpert Systems
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:55 EDT