The USB key is loaded by Microsoft when inserted, and will happily run any autorun "utilities" copied to it.
Loading a USB key can and does propigate these Microsoft viri:
1) worms
2) trojans
3) autorun trojans boot sector attacks
Windows suggests that user's disable the autorun features:
http://antivirus.about.com/od/securitytips/ht/autorun.htm
However, most high security sites disallow USB keys.
As we all know, we could setup a fine sniffer, or arp cache poisoning tool, coordinated localhost attack, Metasploit scripted attack, all happily running on a "blanked screen" USB key booted to BIOS on any DoD Dell.
They disallow Blackberry camera phones, BlueTooth and you also can't get to YouTube, Flickr, Myspace, or your Gmail and MSN webmail also!
www.Obnosis.com |
http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic
Security will provide a one hour
presentation on forensics.
Date: Fri, 21 Nov 2008 09:27:46 -0700
From:
phrkonaleash@gmail.com
To:
plug-discuss@lists.plug.phoenix.az.us
Subject: Re: OT: Pentagon Hit by Unprecedented Cyber Attack
On Thu, Nov 20, 2008 at 7:49 PM,
kitepilot@kitepilot.com <
kitepilot@kitepilot.com> wrote:
http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedente
d-attack/
>... it has taken the unprecedented step of banning the use of external >hardware devices, such as flash drives and DVD's...
>The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.
I fail to see the connection....
In my experience worms and virii usually don't propagate through DVDs... and rarely through flash drives. will banning these things REALLY secure things? what keeps a user behind their networks from opening VitalIntelligenceReport.doc.exe and executing it?
~ryan
--
Thanks and best regards,
Ryan Rix
TamsPalm - The PalmOS Blog
(623)-239-1103 <-- Grand Central, baby!
Jasmine Bowden - Class of 2009, Marc Rasmussen - Class of 2008, Erica
Sheffey - Class of 2009, Rest in peace.
_________________________________________________________________
Color coding for safety: Windows Live Hotmail alerts you to suspicious email.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_safety_112008 ---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss