There are a number of ways to disable storage on attached media using USB port of your computer, this can be a good solution if we want to prevent certain types of attacks from infecting our system through this type of device, but it can also serve as a method to try to limit the capabilities of a certain computer if we do not want to that others use this feature for a specific reason. Well, among the ways there are more extreme ones, such as directly eliminating the Linux kernel USB drivers (modules). In other words, delete the usb_storage.ko file, which is the module that acts as a controller for these devices.
But if we want a not so radical solution, we can use other ways to proceed so that these devices do not work in our distro. They are also quite simple methods to implement and that are usually effective, although not infallible ... For example, we can use the virtual device / bin / true to help us with what is called a "Fake Install", to proceed we simply have to create and open a file called block_usb.conf inside the /etc/modprobe.d/ directory where the kernel modules are stored.
Once that is done we can add the following content inside using the text editor that we like the most:
install usb-storage /bin/true
Now we save the file that we just created and voila, we will have a restriction for USB storage devices. eye! Because the rest of the USB devices will continue to work normally. Test the effectiveness, since I have heard some users say that it has not worked for them ...
The other method is to create a black listFor that we will create a file called blacklist.conf inside /etc/modprobe.d/ and with the text editor we add again inside all the device drivers that we want to add to our blacklist and that will not work. For example, for our USB:
Save the changes and check their effect ...
2 comments, leave yours
For me the best way is to ask for administrator or root authentication when mounting a device, this is achieved by modifying the org.freedesktop.udisks2.policy or org.freedesktop.UDisks2.policy file, this file contains the policies to mount devices This file contains several policies such as:
• Mount a file system
• Mount a file system on a system device
• Mount a file system of a connected device in another location
• Mount / unmount filesystems defined in the fstab file with the x-udisks-auth option
• Disassemble a device mounted by another user
• Become the owner of a file system
we are going to modify the policy
Mount to filesystem
we stand in politics
and we modify it
This will force the system to ask for the administrator's username and password when mounting a device via USB.
And if what I want to do is the opposite, recognize one and discard all the others, how can we use this method.
sudo chmod 700 / media / is radical and that's not the idea