4

I am developing a project where I need to restrict usage of accessing non white-listed USB devices in the organization's network.

I am using it by checking the VID and PID of that USB devices.

Now, the problem is that if I have, for example, an Apple I-pad, that would have a global VID and PID number. If I white list any of the Apple I-Pads then, with my current scenario, all other Apple I-Pads would be authorized in the network.

Is using VID and PID numbers the best way to check if a USB device is white-listed, or is there a better solution?

Thanks.

terdon
  • 52,568
  • 14
  • 124
  • 170
RL89
  • 105
  • 1
  • 6
  • Keep in mind this isn't going to prevent people from booting via USB unless you disable "Boot from USB" in BIOS of each computer. – cutrightjm Oct 01 '12 at 20:28

2 Answers2

2

Most USB devices with storage have a serial number; use that.

For example, in Linux, you can see this in the output of lsusb:

lsusb -v
...
Device Descriptor:
  ...
  idVendor 0x1908
  idProduct 0x0102
  ...
  iManufacturer 2 BUILDWIN
  iProduct 3 Digital Photo Frame
  iSerial 1 200807101900000000
  ...
CL.
  • 1,595
  • 12
  • 12
2

I suggest you take a look at this document :
Thumb Drive Threats and Countermeasures in a Microsoft Windows

Especially look at the chapter "Threat Countermeasures", where are described the security measures built into Windows, as well as commercial security products such as :

GFI LanGuard
Lumension
DeviceLock

harrymc
  • 455,459
  • 31
  • 526
  • 924
  • 1
    Thanks for the information, but have you worked on any such kind of security measures in any organisation? – RL89 Oct 04 '12 at 15:38
  • Sorry, I have no experience with any of these products. Employees in my company can take home their laptops, so thumb drives are not our main worry. – harrymc Oct 04 '12 at 17:25