Can not disable USB stick - ubuntu 10.04

[nescafe]

For security reasons i have to block all USB mass storage ports.

I have try :

-------------------------------------------------------
/etc/modprobe.d/blacklist.conf - blacklist usb_storage
-------------------------------------------------------
# ls /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
# mv /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
/root
-------------------------------------------------------
sudo rmmod usb_storage
sudo modprobe -r usb_storage
-------------------------------------------------------
None of this is working.

The only thing that is working is automount option. If i disable this (
in gconf ) it will not load USB auto start, but when you start nautilus
you can still see "Verbatim USB storage" and you can access it.

How to block usb mass storage ?

 

[Lew]

For security reasons i have to block all USB mass storage ports.

I have try :

-------------------------------------------------------
/etc/modprobe.d/blacklist.conf - blacklist usb_storage
-------------------------------------------------------
# ls /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
# mv /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko /root
-------------------------------------------------------
sudo rmmod usb_storage
sudo modprobe -r usb_storage
-------------------------------------------------------
None of this is working.

The only thing that is working is automount option. If i [sic] disable this ( in
gconf ) it will not load USB auto start, but when you start nautilus [sic] you can
still see "Verbatim USB storage" and you can access it.

How to block usb [sic] mass storage ?

I don't believe that Java has the ability to do that.

This is a rather OS-specific matter. Perhaps something in the OS docs might
help you?

 

[Roedy Green]

The only thing that is working is automount option. If i disable this (
in gconf ) it will not load USB auto start, but when you start nautilus
you can still see "Verbatim USB storage" and you can access it.

is there a way to uninstall the driver or to turn it off in bios?
--
Roedy Green Canadian Mind Products
http://mindprod.com
It is almost impossible to keep things in synch manually. Instead:
-Keep each fact in only one central database (not necessarily SQL),
and access it as needed. Since there is only one copy of each fact,
there is nothing to get out of synch.
-Use some automated tool so that if you change a fact is one place,
it automatically updates the others.
-Write a sanity checker you run periodically to ensure all is consistent.
This is the strategy compilers use.
-Document the procedures needed to keep all in synch if you change
something and rigidly and mechanically follow them.

 

[nescafe]

is there a way to uninstall the driver or to turn it off in bios?

If i turn it off in bios then i have to shut down all usb ports.
On the other side this is not good solution becuse i must be able to
start it when ever i need to, without rebooting.
I have one small verification program. If you enter correct username and
password , you get jdialog where you can choose to start or to stop usb
drive.

Like lew has wrote it's not directly java question but nevertheless
there must be some answer to this.

Maybe to find and block loading of usb driver ?
Maybe i can set java program to load on system startup and to block all
usb ports. But then again, none of upper commands are working.

Damn !
What to do. I can not be the first one with this kind of problem

 

[Lew]

is there a way to uninstall the driver or to turn it off in bios?

If i [sic] turn it off in bios then i [sic] have to shut down all usb [sic] ports.
On the other side this is not good solution becuse i [sic] must be able to
start it when ever i [sic] need to, without rebooting.
I have one small verification program. If you enter correct username and
password , you get jdialog [sic] where you can choose to start or to stop usb [sic]
drive.

Like lew [sic] has wrote it's not directly java question but nevertheless
there must be some answer to this.

Not in Java.

This is not a Java question.

Maybe to find and block loading of usb [sic] driver ?
Maybe i [sic] can set java [sic] program to load on system startup and to block all
usb [sic] ports. But then again, none of upper commands are working.

I'm sorry, "upper commands"?

What are those?

Damn !
What to do. I can not be the first one with this kind of problem

Ask in an appropriate forum.

Do a web search (e.g., Google).

Check out stackoverflow.

You want to do something spectacularly non-portable. Java is very likely the wrong tool for this.

Ask somewhere appropriate. This isn't that place. This is comp.lang.java.programmer, a forum for discussion of Java programming issues.

*Java* programming issues.

 

[Roedy Green]

Maybe to find and block loading of usb driver ?

You experiment with rename it so the OS can't find it temporarily. But
then you have to find a way to ensure it gets unloaded. Drivers don't
normally unload do they? Otherwise you should be able to swap drivers
without rebooting.

Perhaps you have to find the official driver and insert a back door it
is that can be used to deny access. In the DOS days that would have
been quite easy. Is there as 32- bit or 64-bit disassembler available?

In the olden days I dissassembled all kinds of things I was curious
about with Vtech 16-bit disassembler.
--
Roedy Green Canadian Mind Products
http://mindprod.com
When you were a child, if you did your own experiment
to see if it was better to put to cocoa into your cup first
or the hot milk first, then you likely have the programmer gene..

 

[Roedy Green]

How to block usb mass storage ?

Another approach would be to look for a brand of USB stick that let
you turn it on and off programmatically.

See http://mindprod.com/bgloss/usbflashdrive.html for places to start
looking. Look at ones with security features that might be used for
purposes other than initially intended.

In crude way you could enable/disable by the presence of some magic
file on the USB (perhaps with encrypted timestamp contents) that the
software that accesses it checks.
--
Roedy Green Canadian Mind Products
http://mindprod.com
When you were a child, if you did your own experiment
to see if it was better to put to cocoa into your cup first
or the hot milk first, then you likely have the programmer gene..