Hey guys. I haven't been using an AV for quite some time now, but I'm always careful about what I download and which sites I visit.
I'm worried about the USB malware because when I lend my USB stick to a friend I always get it back with at least 3 different viruses/worms on it. Now that I'm not using a AV (only the Comodo firewall), I'm curious what precaution measures there are against that type of malware? My AV used to scan them and delete as soon as I connect the USB stick, but now it could be a bit tricky and I don't want to install an AV + update it every time for it, in fact I don't want to have any traces of an AV on my winXP box at all.
What are you suggestions?
USB malware
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: USB malware
hmmm....it is in fact tricky on Windows, on Linux it would be damn easy by changing the auto-mount permissions of an USB device.
the only practicable option I can imagine at the moment is to mount the USB stick into a sandbox environment. sadly the only app I found by a quick google check is shareware...it still works after 30 days (with some disabled advanced features) but there is a "reminder" feature that is surely annoying...
but well, sometimes software is found on the pavement as you surely know...*cough-cough*
if you're interested:
http://www.sandboxie.com/" onclick="window.open(this.href);return false;
I am pretty sure there were sandbox apps available on VX heavens, but it seems they are not there anymore...
the only practicable option I can imagine at the moment is to mount the USB stick into a sandbox environment. sadly the only app I found by a quick google check is shareware...it still works after 30 days (with some disabled advanced features) but there is a "reminder" feature that is surely annoying...
but well, sometimes software is found on the pavement as you surely know...*cough-cough*
if you're interested:
http://www.sandboxie.com/" onclick="window.open(this.href);return false;
I am pretty sure there were sandbox apps available on VX heavens, but it seems they are not there anymore...
- z3r0aCc3Ss
- Fame ! Where are the chicks?!
- Posts: 700
- Joined: 23 Jun 2009, 16:00
- 14
- Contact:
Re: USB malware
Use USB Disk Security
or
Block all the external devices' autorun
or
Block all the external devices' autorun
Beta tester for major RATs, all kinds of stealers and keyloggers.
Learning NMAP
Learning NMAP
Re: USB malware
bad_brain: how convenient, Comodo firewall has a sandbox option
z3r0aCc3Ss: installing new software is what I'm trying to avoid
Thanks guys for the suggestions!
z3r0aCc3Ss: installing new software is what I'm trying to avoid
Thanks guys for the suggestions!
Re: USB malware
its a trust issue - you cannot trust your machine after it uses a USB stick that is used by other people. You already know they tend to get virus and malware. That stick should not be near your primary machine.
DNR
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: USB malware
It's actually a configuration issue. If your machine is set up to automatically run code from untrusted devices, you are not a clever man.
Re: USB malware
He never said anything about the USB stick automatically running code, he said he kept finding malware on the stick after getting it back. He wanted to figure out what to do without having to run an AV on it - my point was, if you can't trust who you loan the stick to, don't use the stick again.leetnigga wrote:It's actually a configuration issue. If your machine is set up to automatically run code from untrusted devices, you are not a clever man.
The same trust rule applies to the machine, you cannot expect your machine to be 'trusted' if you let other room mates or college buddies use it.
The 'trusted' thinking applies to smart sysadmins, for example - they know not to connnect the payroll server to the same network the internet has access to. You have to develop 'trusted' zones, or various levels of security zones - so you can apply the right measure of security and not redundant systems.
-DN
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.