Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: Defense against BadUSB?

  1. #11
    Join Date
    Dec 2007
    Beans
    545

    Re: Defense against BadUSB?

    It's time for a follow-up. I have had mixed results with USBGuard. The 32-bit PPA I am using works on one computer, but the 64-bit version does not. There may be a workaround, which I have not tested. This leaves three choices (suggestions welcome):
    1. Troubleshoot
    2. One of the GoodUSB devices
    3. Denial

    Here's the short version.
    I can't recommend USBGuard at this time, because of bugs. My own PPA 64-bit installation on Xenial ( https://launchpad.net/~pmjdebruijn/+...buntu/usbguard ) is apparently safe to install and use, but works for a while and then fails to allow additional drives. The UI lists commands but is otherwise unresponsive to commands. Furthermore, it makes the computer hang on shutdown, and the hard drive restores data from journal after a hard shutdown. Possibly due to Redhat Bug 1751861 ( https://bugzilla.redhat.com/show_bug.cgi?id=1751861 ). A possible workaround: adding '/usr/sbin/usbguard-daemon -K -s &' (without quotes) to /etc/rc.d/rc.local on the line above the lines enabling wakeup on usb ( http://www.murga-linux.com/puppy/vie...7ad7d02f2a372a ).

    Previously I found the same PPA to work normally for one or two boot cycles, but then fail to start at boot time because of an unspecified parse error in rules.conf. The 32-bit version appears to run correctly on another computer.

    Other versions are affected by a nasty bug ( https://github.com/USBGuard/usbguard/issues/261 ) which blocks the keyboard and mouse. PPA versions for Disco and later appear to have a patch applied, but Bionic apparently does not ( https://launchpad.net/ubuntu/+source/usbguard ). I don't think I can recommend those versions at this time, because they appear to require a poorly documented, or undocumented special procedure for initialization, in order to whitelist the keyboard and mouse. The DeBruijn PPA version for Xenial explicitly does this automatically on installation.


    Other bugs:
    https://forums.fedoraforum.org/showt...nel-4-13-5-100
    https://forum.mxlinux.org/viewtopic.php?t=42443
    https://github.com/USBGuard/usbguard/issues/246

  2. #12
    Join Date
    Jun 2016
    Beans
    8

    Re: Defense against BadUSB?

    I wrote this a while back, it's cross-platform, very simple program. it needs sudo apt-get install libusb-1.0-dev to compile or you can grab the source code and compile the libusb yourself.
    you will need to add all your whitelisted vid: pid pairs to the "const char *mlist[] = {" part to customize it to you needs. compile like this:

    $ gcc -Wno-comment -Wall -o killswitch killswitch.c -lusb-1.0

    cheers


    https://github.com/slacker69/killswitch

  3. #13
    Join Date
    Dec 2007
    Beans
    545

    Re: Defense against BadUSB?

    Quote Originally Posted by c0n7r4 View Post
    I wrote this a while back, it's cross-platform, very simple program. it needs sudo apt-get install libusb-1.0-dev to compile or you can grab the source code and compile the libusb yourself.
    you will need to add all your whitelisted vid: pid pairs to the "const char *mlist[] = {" part to customize it to you needs. compile like this:

    $ gcc -Wno-comment -Wall -o killswitch killswitch.c -lusb-1.0

    cheers


    https://github.com/slacker69/killswitch


    That's nice but it appears to solve a completely different problem.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •