Securing portable storage devices

With portable storage devices becoming more and more popular, IT staff have had to come up with is ways of protecting the sensitive data on their networks from such devices.

Not only do these devices able to store large amounts of data but they can also carry programs such as browers, utilities and of course keyloggers or other malicious content. This poses a huge security risk to company data and infrastructure. So how do you do your protect yourself from such risks? Well below I will step through a few workarounds that I have come up with:

• One way to disable portable storage devices is to disable the USB functionality all together. This can be done in the BIOS. (each BIOS is different so the steps maybe different for your machine)
• Restart your machine, once the machine is rebooted it should show in the top left or right of the screen "Setup" or "BIOS Config" hit the associated key that shows next to that.
• You may have to search around in some of the menus for "USB Support" or "USB Device" It can usually found in the advanced configuration. Set that to disable. This will disable any USB device that you may have connected to the machine. Including printers, keyboards, mice, PDA's.
• Then you can "Exit and Save"

Of course as mentioned above that this will make all USB devices cease to function. This may or may not be ideal in your particular environment. So there is any other way around this in Windows.

Since Windows has incorporated Plug'n'Play in their operating systems, it has been at times a blessing and in other times it has been a security nightmare. In this case most USB storage devices are automatically installed and don't need administrative privileges to install. One way around that is in a corporate environment is to use policy editor and block all USB devices from being installed. This can also be done in Active Directory group policy editor.

The problem in this method lies in: how do you allow certain devices to work and not others. If you use policy editor it will do it for certain groups or domain wide. However, if you want certain machines, the ability to use USB devices but not storage devices then you can do the following:

• If no USB storage devices have been used then:
• Search for the following files:
• %SystemRoot%\Inf\Usbstor.inf
• %SystemRoot%\Inf\Usbstor.pnf
• Then when you have located then set the permissions to Administrator to Allow and Everyone set to Deny, and other user groups that you don't want installing the device should also be set to Deny.

• If the storage device has been installed then you will need to edit the following key in the registry: !Make changes to the registry at your own risk!
• HKLM\SYSTEM\CurrentControlSet\Services\UsbStor
• Once you have located the above key then you have to change the hexadecimal value to 4.

I have tested the above in Windows 2000 environment, with many different USB keys and it works. Of course one might ask why would you want to allow anyone access to install any USB device. Well when your Administrative staff uses PDA's then you tend to find ways of being secure but allow the people that sign your check the ability to synch their Contacts. As always do adequate testing before implementing anything like this domain wide. If you have any questions drop me a line.

"Crikey"

The world has lost a great animal conservationist this weekend. Steve Irwin, was passionate in the protection of many of the worlds threatened animals. If you have ever watched him you would know that he was crazy, fun-loving guy. I send my condolences to his wife, and his two kids. Lets hope that his efforts of protecting animals will continue.

On another note I came across an blog entry on Digg last night, it was created by Jason Calcanis from Netscape fame. The title of the entry was "The Discovery Channel Killed Steve Irwin". If you read the article he basically says that because the Discovery Channel was trying to get higher ratings they get these people like Steve Irwin to do crazy, dangerous stunts. Well I think that is total B.S.

Steve Irwin used Discovery as much as they used him for ratings. He used that medium to spread his message about the necessity of crocs in the environment. Steve would have been wrestling, capturing, and saving crocs and other dangerous animals, with or without a TV show.

The Discovery Channel didn't create "naturalists' that have to risk their lives to be credible" Steve the TV persona was created by the love and passion of the fans that watched him on his show in Australia long before The Discovery Channel picked him up. That just sent his message across the world instead of in his own backyard.

The bottow line is that there is no one to blame for Steve's untimely death. Thats why they call it an accident.

Picture: Australian television presenter Steve Irwin, The Crocodile Hunter, lifts up a snake onstage at Nickelodeon's 15th Annual Kids' Choice Awards in Santa Monica, Calif. (CP PICTURE ARCHIVE/AP, Lucy Nicholson

World Trade Center

I saw the movie "World Trade Center" over the weekend. When the movie was starting to be advertised through the news media and over the internet, I was a little pissed off. I was mad that someone was making a movie to profit off such tragic part of American history. Well that changed once I seen the movie...

I have to say there wasn't a dry eye in the movie theater, even I was a little choked up. It was tastefully done, seeing it in the theater it was easy to feel like you were right there when it all went down. Because I have child now it was easy for me to sympathize what the two men trapped in the towers after the collapse were thinking about. I mean I couldn't imagine my daughter growing up without a mom or dad. They were torn between protecting themselves from harm and their jobs of protecting the public.

A lot of families are now with out a mother or father and some without both, all because a religious movement doesn't agree with American politics or ideologies. I guess its not really an American problem anymore, they (extremist Muslim) want to hurt anyone that is part of a democratic society that is different then theirs. Its a shame.

Not only did that event cause the deaths of many people, it also changed the way that people perceive their fellow man. People now profile everyday their life now. Making sure that they aren't sitting next to a person that they perceive to be Muslim on a plane, on a bus or on a train. They are watching to see who is moving into their neighborhoods and who is playing with their kids. Its a perpetual cycle that will not be broke now or in the future, unless we as parents teach our kids to be tolerable to other cultures. Its not unlike the American history with black slaves there is still a great deal racism that goes on; only because there is a great deal of adults that pass that racism onto their children.

Do I feel that the offending parties of the tragedy should be punished? Yes, I think they should but I don't think that Muslims in general should be punished. We can't allow the government or anyone else start profiling or taking away the basic freedoms that are in the constitution that Americans in the past fought for. If that happens then the people that orchestrated 9/11 have won more then they could ever imagine, we have let the fear created in aftermath dictate the future. Of course that is just my opinion.

So yeah...

I discovered that I created a blogger account that I haven't used in almost a year. So I'm thinking that I will start to use it.

I'm not quite sure what it is I'm going to write, I'm thinking that I will do some reviews of the products that I come across. Also some of my experiences in healthcare IT field. Lord knows I have a lot of them.

Twistedf8

If you have any ideas please don't hestitate to contact me at twistedf47e(@)gmail.com

Microsoft, you mean Microshaft

3 Reasons why I want to knock stuff over when I hear the word Microsoft:

1. Licensing of Microsoft products, you take it up the tail pipe every time you buy a Microsoft product. They never give you a brand new product, it is always improvements on the previous versions. It is hard to feel sorry for Microsoft, when they bitch about people using their products without paying for it. Well for one it is easier to installed a cracked copy of Windows then it is to figure out their licensing scheme. Forget about licensing server products without a PHD in Bullshit.

2. Windows is not that great! There is nothing like getting the blue screen of death when you least expect it and usually when you haven't saved in the last 5 minutes. The code is pieced together from other OS's down through the years. What really needs to be done is scrap everything that they have done in the last 15 years and start over. Long live DOS!

3. Updates. Updating Microsoft products is not unlike going to the dentist. You go for the check up and end up with a swollen mouth and drooling over yourself. Have you ever tried to update a driver from Microsoft. I made the mistake once, it was painful. I basically had to reinstall Windows it hosed it so bad. Most updates are to fix problems with previous updates.

The update that pisses me off more then anything is in Windows XP SP2 they limited the amount of out-going connections from your machine to 5. Now if you have ever tried to Bittorrent something 5 out-going connections are not sufficient. This limitation was put in place to stop worms from replicating as fast. However, there is no easy way to change the connections from 5 to higher number.

Bonus Gripe. The assumption that everyone needs to be an administrator. If you work in a corporate environment this is bane of your existence. Everyone wants to install all the software and download the last virus filled email from their friends to the corporate machines, so what do you to stop them. Well you put them in as a regular user. That is all great and fine except Microsoft is setup that you can run existing programs that require read and write access to files in the root directory or in Program Files. To put in lamens terms: Your shit ceases to work!

I don't know how many hours of hacking at the registry and permissions I have done to get some software product to work with Windows.

How to fix the game

Why is it that NHL is looking for ways to improve the game, and yet they do not have a contract yet? Isn't that an ass backwards way of doing things? Since I have already offered up my opinions of the lockout and how to end it, I will instead offer up my suggestions on how to make the game better.

1. You can talk about decreasing the size of goalie pads, which is great except it is not the solution. I bet the goalie equipment as grown in relation to a players stick as gotten lighter and more flexible. With these particular sticks the puck is shot harder and faster then in previous era's of the sport. Make stick weigh a certain weight or make players use the old wooden sticks.

2. There has been an increase of stick violations in previous seasons of the NHL. This could also be attributed to the fact the sticks are lighter then used to be. It is alot harder to get a stick up in the air when it weighs 32 oz instead of 8 or less oz that they weigh now.

I think what the NHL wants to do with the neutral zone and shoot outs at the end of the games is great, it will go a long way to make the game more exciting. I think they also need to shorten the amount of games they play. Make it 72 games or 70 games, so that they aren't playing 3 or 4 games a week. If there is one part of the game that I wouldn't want touched it would be the playoffs, that is greatest second season of any sport bar none. Its like 4 or more weeks of superbowl.

Just say No to Drugs!

Why does the US government decide now to take a look into the use of steroids in baseball? It seems to me that there are a lot of other things that the government should be worried about then the use of steroids to a hit few more balls over the wall in baseball.

Lets face it, people have known for years that there was/are steroids in baseball. Not just baseball but other sports also. Granted with the new rules put out by baseball to limit the use of illicit drug use of steroids, there will be drastic reduction in the amount of players currently using them. It seems that in the age of sports where there aren't millionaires but multimillionaires, you would think that they would have the common sense to stay away from the stuff.

If the government does decide to go after the players that have used or are still using, what will that mean for other sports such as football, wrestling and the Olympics? The NFL has a greater problem with drugs like marijuana, cocaine, crack. So why didn't the government hold an inquiry when Ricky Williams tested positive for marijuana? I'm thinking its because the NFL pay their lobbyists a lot more.

Now what I really don't understand is why it is so bad to use a human growth hormone in baseball? I mean the food industry pumps up to 75% of our foods with hormones. If its not to chicken to make them produce more eggs and to produce more meat. Its for the cows milk, or to make their meat more lean. If the government allows farmers and producers of our food to continue to add chemicals, hormones and god only knows what else to the foods we eat it will be a miracle that we will rot when we die.

If its not the food that we eat; its the drugs that the doctors put us on when we are sick. Now I don't see a doctor unless I am on my death bed. Americans in general will go for just about anything, and they will pay the copay and get their prescriptions. I came from a country that has free health care, we didn't go to the doctor until Buckley's Cough Syrup couldn't help us. If you think NyQuil is bad: the slogan for Buckley's is "It tastes awful and it works!" when it should be "See ya next year" I took it in '98 and woke up in '99. It should come with a warning "May Cause Coma's"

Its an endless cycle of eating shitty food, getting sick, go to the doctor, get shitty drugs and then eat shitty food again. The government won't do anything about it because it will benefit from the money made by the health insurance companies, drug companies and food producers. So while they play with the baseball players who have used something that makes them more competitive in a league of millionaires, and only harms themselves. Compared to the billionaires that have been harming Americans for years and years, I think the baseball players are small beans.