PORTS Forum

Ports and Interfaces => USB => Topic started by: mughisq on January 18, 2011, 09:14:27 pm

Title: Blocking a USB Device Dynamically
Post by: mughisq on January 18, 2011, 09:14:27 pm

I am looking into blocking USB devices "dynamically" based on device class or serial number. By dynamically, I mean that it should be without user intervention such as registry manipulation as given in some of Micrsoft's solutions. Devices should be blocked on pre-configured device classes or serial numbers.

I have read the Jan Axelson's book, especially the "Ch. 4: Enumeration", as well as searched online resources. But haven't found a starting point yet.

Any suggestions or pointers in this regard will be appreciated.

Title: Re: Blocking a USB Device Dynamically
Post by: Jan Axelson on January 18, 2011, 10:26:21 pm

Without user (or admin) intervention, how will the system know to block the devices? Someone has to tell it.

Maybe this will be useful:

http://diaryproducts.net/about/operating_systems/windows/disable_usb_sticks

Jan

Title: Re: Blocking a USB Device Dynamically
Post by: mughisq on January 19, 2011, 02:44:42 am

Hi Jan,

To answer your question, user or system admin could configure filters (device classes, serial number) in a file. This file can be consulted during enumeration and the devices allowed accordingly.

I have taken a cursory look at the link you provided. First, it appears to be Storage device specific. Not sure if it will work for non-storage USB devices. Secondly, it involves modification/addition/deletion of files which I want to avoid

Title: Re: Blocking a USB Device Dynamically
Post by: Jan Axelson on January 19, 2011, 10:41:38 am

In theory, you could write a filter driver that monitors enumeration and refuses to configure certain devices.I don't know of any examples or if in fact it's possible under Windows.

Jan