The USB key is loaded by Microsoft when inserted, and will happily run any autorun "utilities" copied to it.
Loading a USB key can and does propigate these Microsoft viri: 1) worms 2) trojans 3) autorun trojans boot sector attacks Windows suggests that user's disable the autorun features: http://antivirus.about.com/od/securitytips/ht/autorun.htm However, most high security sites disallow USB keys. As we all know, we could setup a fine sniffer, or arp cache poisoning tool, coordinated localhost attack, Metasploit scripted attack, all happily running on a "blanked screen" USB key booted to BIOS on any DoD Dell. They disallow Blackberry camera phones, BlueTooth and you also can't get to YouTube, Flickr, Myspace, or your Gmail and MSN webmail also! www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452 Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic Security will provide a one hour presentation on forensics. Date: Fri, 21 Nov 2008 09:27:46 -0700 From: [EMAIL PROTECTED] To: plug-discuss@lists.plug.phoenix.az.us Subject: Re: OT: Pentagon Hit by Unprecedented Cyber Attack On Thu, Nov 20, 2008 at 7:49 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedente d-attack/ >... it has taken the unprecedented step of banning the use of external >>hardware devices, such as flash drives and DVD's... >The attack came in the form of a global virus or worm that is spreading >rapidly throughout a number of military networks. I fail to see the connection.... In my experience worms and virii usually don't propagate through DVDs... and rarely through flash drives. will banning these things REALLY secure things? what keeps a user behind their networks from opening VitalIntelligenceReport.doc.exe and executing it? ~ryan -- Thanks and best regards, Ryan Rix TamsPalm - The PalmOS Blog (623)-239-1103 <-- Grand Central, baby! Jasmine Bowden - Class of 2009, Marc Rasmussen - Class of 2008, Erica Sheffey - Class of 2009, Rest in peace. _________________________________________________________________ Color coding for safety: Windows Live Hotmail alerts you to suspicious email. http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_safety_112008
--------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
