Re: [foxboro] Windsnows Question

  • From: "Wilson, Brad" <brad.wilson@xxxxxxxxxxxx>
  • To: "foxboro@xxxxxxxxxxxxx" <foxboro@xxxxxxxxxxxxx>
  • Date: Wed, 23 Mar 2011 15:53:34 -0400

But kbs and mice are mostly hot-pluggable, so locking all the USB ports except 
those in use doesn't prevent someone from unplugging the mouse or kb and 
sticking in a memory stick.
Short of hard-coding those USB ports to specific hardware (if it's possible), 
the only solution is locking the processor in a cabinet - in which case all the 
ports are protected and none must be locked.
Kind of a catch-22.

Brad Wilson
Invensys Operations Management
SAMREF Project Team
brad.wilson@xxxxxxxxxxxx
732-874-0087 cell
626-599-2502 office


-----Original Message-----
From: foxboro-bounce@xxxxxxxxxxxxx [mailto:foxboro-bounce@xxxxxxxxxxxxx] On 
Behalf Of phaese@xxxxxxxxxx
Sent: Wednesday, March 23, 2011 12:42 PM
To: foxboro@xxxxxxxxxxxxx
Subject: Re: [foxboro] Windsnows Question

Robert,

USB mass storage devices can be disabled by the use of 2 small bat files.

You can add them to the env files to enable or disable them.

It's not 100% fool proof, If you leave the USB storage device in the PC and do 
a change env, the files is locked and can't be renamed.

add the following to the env.dms file

dmcmd run start D:/opt/customer/scripts/USB_ON.bat or dmcmd run start 
D:/opt/customer/scripts/USB_OFF.bat

USB_ON.bat

REM ## Tool to enable the use of USB Mass Storage Devices        ##
REM ## Created Invensys System Belgium                           ##
REM ## No Rights can be claimed for failures and upgrades.       ##
REM ###############################################################
c:
cd %systemroot%\inf

reg ADD HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR /v Start /t REG_DWORD /d 
3 /f

ren usbstor.inf.backup usbstor.inf 
ren usbstor.pnf.backup usbstor.pnf 

USB_OFF.bat

REM ## Tool to disable the use of USB Mass Storage Device        ##
REM ## Created Invensys System Belgium                           ##
REM ## No Rights can be claimed for failures and upgrades.       ##
REM ###############################################################

c:
cd %systemroot%\inf

reg ADD HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR /v Start /t REG_DWORD /d 
4 /f

ren usbstor.inf usbstor.inf.backup
ren usbstor.pnf usbstor.pnf.backup

t

Regards,

Patrick Den Haese
Invensys systems Belgium


----- Originele e-mail  -----
Van: "Robert D. Balmer" <Robert_Balmer@xxxxxxx>
Aan: foxboro@xxxxxxxxxxxxx
Verzonden: Woensdag 23 maart 2011 16:24:28 GMT +01:00 Amsterdam / Berlijn / 
Bern / Rome / Stockholm / Wenen
Onderwerp: [foxboro] Windsnows Question

To those that use Windows everyday this may sound silly, but. Is there any way 
to lock down the USB ports not used by keyboard, mouse ect? In my dream world I 
could lock down unused USB port(s) except when you are logged in as System 
Engineer or other password protected environments.
Thank you in advance for any information
Robert Balmer
Senior Application Analyst/Programmer
CCST
Climax Molybdenum Co.
2598 Highway 61
Fort Madison IA 52627
(319) 463-2206


 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 
 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 


*** Confidentiality Notice: This e-mail, including any associated or attached 
files, is intended solely for the individual or entity to which it is 
addressed. This e-mail is confidential and may well also be legally privileged. 
If you have received it in error, you are on notice of its status. Please 
notify the sender immediately by reply e-mail and then delete this message from 
your system. Please do not copy it or use it for any purposes, or disclose its 
contents to any other person. This email comes from a division of the Invensys 
Group, owned by Invensys plc, which is a company registered in England and 
Wales with its registered office at 3rd Floor, 40 Grosvenor Place, London, SW1X 
7AW (Registered number 166023). For a list of European legal entities within 
the Invensys Group, please go to 
http://www.invensys.com/legal/default.asp?top_nav_id=77&nav_id=80&prev_id=77.

You may contact Invensys plc on +44 (0)20 3155 1200 or e-mail 
reception@xxxxxxxxxxxxx This e-mail and any attachments thereto may be subject 
to the terms of any agreements between Invensys (and/or its subsidiaries and 
affiliates) and the recipient (and/or its subsidiaries and affiliates).

 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave

Other related posts:

  1. Home
  2. foxboro
  3. Archive
  4. 03-2011