neverRun tray utility
If you are like most network administrators you have had to deal with USB virii as of late. CERT even issued an advisory about it (CERT Vulnerability Note VU#889747) labeling the autorun functionality a vulnerability. There are several work arounds, none of them useful if you do not have Administrative privileges on the machine in question.
I think for most people this is the reality of the situation. For example, at my work the network I run is only a small part in a larger organization. Unfortunately the guys who run the rest aren't really up to par when it comes to security and even general maintenance. I do not control all of the machines I come into contact with.
To address the issue with those other machines I have written a small tool called neverRun. This user mode application sit's in your system tray until a new usb or network drive is connected to your machine. Once this is detected it scans the drive for any autorun.inf file and renames it. It does not clean any virus that might be present but it will stop you from getting infected unless you purposely execute it.
Download the source code and the application here (For Windows XP).
I think for most people this is the reality of the situation. For example, at my work the network I run is only a small part in a larger organization. Unfortunately the guys who run the rest aren't really up to par when it comes to security and even general maintenance. I do not control all of the machines I come into contact with.
To address the issue with those other machines I have written a small tool called neverRun. This user mode application sit's in your system tray until a new usb or network drive is connected to your machine. Once this is detected it scans the drive for any autorun.inf file and renames it. It does not clean any virus that might be present but it will stop you from getting infected unless you purposely execute it.
Download the source code and the application here (For Windows XP).
Comments