4

What are some simple methods of preventing my computer from being infected by USB drives and other storage devices? I'm not asking for any bullet-proof methods, just something that can prevent infection in the majority of cases.

For example, one thing I do is to create a folder named Autorun.inf on all my partitions and all of my USB drives. This is to prevent an Autorun.inf file from being created, or at the very least have a quick way of knowing I've been infected — if the folder is missing, something is wrong.

Improve this question
1
  • Are you asking how to protect your own USB drives from being infected by compromised machines? Commented Apr 8, 2014 at 10:11

2 Answers 2

Reset to default
4

To avoid infection from storage devices, don't execute any files from them, and configure your operating system to not do so automatically. But storage devices aren't the only threat in form of USB. For example, take a look at this USB keyboard:

USB Rubber Ducky device

"But that's not a keyboard! That's a USB thumb drive!" Are you sure? "Of course! I can tell a keyboard apart from a thumb drive when I see them!" Really? It might look like a thumb drive to you, but when you connect it to a PC, it says it's a keyboard, and the PC has no reason to believe that it is anything else.

As soon as this device is recognized as a keyboard by the operating system, it will automatically start typing. What's it typing? That's up to the one who programmed it. Common payloads are the keyboard shortcut to open a text editor, type a malicious script, save it, perform the shortcut to open a command shell and execute what it just wrote. Others are to open a web browser, enter the URL of an executable on a FTP server, download it and execute it.

The only software-method to protect you from this is to disable plug&play of USB devices. You will then have to enable any new USB device manually. When you plug in a thumb drive and it appears as a HID device, you have reason to be suspicious and can choose to not enable it.

But there are also hardware-solutions. There are USB adapter plugs which only allow certain types of USB devices to pass through. Unfortunately I have never used such a device, so I don't feel comfortable to give any specific product recommendations.

Improve this answer
2

One good practice you should follow to avoid getting infected from USBs is to disable the Autorun functionality in all of your computers. If I recall correctly, Windows 7 and 8 have Autorun disabled by default for all devices except CD and DVDs, although the slightly different Autoplay function can still be used on USB devices. You can find a quite thorough guide for Microsoft OSes here.

I don't think you have a similar problem on Linux, however if you want to anyway then you can, but the exact procedure of doing it is usually different for different distributions and file managers. Google is your friend in that case :)

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.