LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 01-13-2009, 12:58 AM   #1
ShanxT
Member
 
Registered: Apr 2007
Location: India
Distribution: Ubuntu 10.04, RHEL/Centos 5.x, Knoppix
Posts: 41

Rep: Reputation: 3
Using Linux to sandbox USB drives in Windows


First, I'll explain the situation..
Many of my friends regularly use USB drives to transfer data between our college comps and their comps.. The problem is that the college comps are a warehouse of all kinds of viruses, many of which run from USB drives. Now, they HAVE to transfer data, and some of the viruses are not recognised by the anti-virus softwares they use. I told them to just disable autorun, but even this didn't stop some of the viruses from infecting their comps. Most of the software that they use is propriety, and will not run on linux, so I can't tell them to install a linux based OS.

The solution I thought of is using qemu to create a virtual console within Windows, to basically create a 'quarantined' area for the USB drives to run.

My questions:
1) Is this feasible? Will running an OS from qemu ensure that each time a pen drive is inserted, the virtual OS will handle its operations, and it won't affect Windows?

2) Which OS would be best suited for this? I've used DSL before, around a year back, but at that time atleast, it didn't recognise the USB ports. Is this true for all?

3) Is there any other way to do this?


Time and again I've used linux to rescue Windows comps, I'm hoping there's a solution for this as well..
 
Old 01-14-2009, 12:17 AM   #2
PatrickNew
Senior Member
 
Registered: Jan 2006
Location: Charleston, SC, USA
Distribution: Debian, Gentoo, Ubuntu, RHEL
Posts: 1,148
Blog Entries: 1

Rep: Reputation: 48
1) Not really. A sandbox is there to restrict the actions of processes inside it, not outside it. Perhaps you can try to tell windows not to mount flash drives, but in my experience Windows is not very good at doing what you tell it to when it thinks it knows better.

2) If you were going to try this approach, the OS wouldn't matter very much - probably the smaller the better. Heck, flash drives are not exactly exotic drivers, I might even go for OpenBSD

3) I would try to figure out how these virii are getting off the flash drives and onto the computer. If you disabled autorun, then that attack vector is closed. That's the biggie. If they are getting off another way, it's through the user's actions or from pre-existing malware. By "the user's actions" I don't mean blame the users, I mean they opened the word doc that they thought was clean but actually had malicious macros. There's really no defending against that, because the desired content *is* the virus.
 
Old 01-14-2009, 04:23 AM   #3
ShanxT
Member
 
Registered: Apr 2007
Location: India
Distribution: Ubuntu 10.04, RHEL/Centos 5.x, Knoppix
Posts: 41

Original Poster
Rep: Reputation: 3
Thanks for replying! I'll look into what you said about figuring out how the viruses get there.. Even I had thought that disabling autorun would pretty much fix the problem, but it didn't work. I'll figure out what else the users do.. The end users are nearly always the weakest link. Windows comes next.

I'm also checking out a program that I found after a little googling, called 'Sandboxie'. From what I've read till now, it seems promising..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Using usb drives in linux(debian) sunils1973 Linux - General 6 03-24-2008 08:41 AM
sandbox application for SUSE linux? izquierdista Linux - Software 1 02-10-2007 04:20 PM
Give user permission to mount/use cdrom drives or usb drives zwyrbla Linux - Newbie 2 08-23-2004 05:30 PM
Partitioning drives to split Linux and windows with windows already on computer. linuxnoub Linux - Hardware 5 10-16-2003 01:21 AM
USB Mini Drives and Linux... DiZASTiX Linux - Hardware 5 07-01-2003 04:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 01:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration