Rubberducky usb detection

TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
I'm sure some of you are probably aware of the rubberducky usb hack. What I'd like to know is if anyone knows or can point me to some material that explains how to detect it or prevent it.

Comments

  • OM602OM602 Member Posts: 56 ■■□□□□□□□□
    Physical security probably being the most safe option.
    Theoretically you could blacklist/whitelist HID's but that would impair functionality a bit too much, and could be spoofed.

    Other things I can think of

    - Block RUN command by GPO(could be bypassed)
    - Set screensaver to 1 minute -> Reauthentication needed(make friends with the users)
    - I found a product which could help mitigate these attacks https://www.lumension.com/kb-1697.aspx(havent tested)

    To be honest, I tested a bit with the rubberducky and I find it requires a lot of insider knowledge(keyboard layout...OS language etC)
    I guess it's easer in a all-US environment
    The world chico, and everything in it
Sign In or Register to comment.