In our practice lab i wanna disable all USB devices connected to our Red Hat Linux based workstations. I'd like to disable USB flash or hard drives, which users can use with physical access to a system to quickly copy sensitive data from it. How do I disable USB device support under RHEL 5.x workstation operating systems?
The USB storage drive automatically detects USB flash or hard drives. You can easily force and disable USB storage devices under any Linux distribution. The modprobe program used for automatic kernel module loading and can be configured to not load the USB storage driver upon demand. This will prevent the modprobe program from loading the usb-storage module, but will not prevent root (or another program) from using the insmod program to load the module manually.
Type the following command:# echo 'install usb-storage : ' >> /etc/modprobe.conf
You can also remove USB Storage driver, enter:# ls /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
# mv /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko /root
BIOS option
You can also disable USB from system BIOS configuration option. Make sure BIOS is password protected.
No comments:
Post a Comment