Adrian, Have you checked the NSA's CSS guides?
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml I used this as a checklist last time I had to do some system hardening. It did give you several ways depending on if you where running a headless machine or a machine with a head (X Display). I'll also go with the last poster. Epoxy works really well. But then again what if they pop open the case and find a USB port or pins that just require a cable to use another path on the system board? Then again if they use a boot disk and disable any OS level protections / disabled devices you are SOL. -mmiller On Fri, Jul 2, 2010 at 5:08 AM, Adrian Crenshaw <[email protected]> wrote: > Hi all, > I've be doing some work on locking down Windows Vista/7 against > malicious USB devices: > > http://www.irongeek.com/i.php?page=security/locking-down-windows-vista-and-windows-7-against-malicious-usb-devices > > Anyone have guidance on doing the same in Linux? I imagine there are udev > rules that can be set? > > Adrian > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
