Saturday, September 3, 2011

Disabling USB drive

Disabling USB drive or THUMB drive is considered as a very good security option to be implemented on server. To prevent theft of data by non-legitimate users.

Here are couple of ways in which you can disable USB drive.

METHOD #1 - By editing /boot/grub/grub.conf
Just add "nousb" at the end of the kernel line in /boot/grub/grub.conf file.
and then "reboot" your machine.

METHOD #2 - Removing the driver from default location.

ls /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
mv /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko /root

In this method, I had moved the usb-storage.ko driver (or module) from its default location to some other place (/root in this case)

METHOD #3 - Using BLACKLIST option.

Remove the module, if it is already loaded.
modprobe -r usb_storage
Put the name of the usb_storage module in the blacklist
vim /etc/modprobe.d/blacklist and append - blacklist usb_storage

Now if you try to plug-in the USB it will not be detected by the system.