[CentOS] Blocking external usb storage
Rudi Ahlers
Rudi at SoftDux.com
Fri May 23 07:20:14 UTC 2008
whoami i wrote:
> HI,
>
> This is my first mail to this mailing list.I want to block external
> usb storage completly on my server running on centos 5 having
> confidiential data.
>
> For that i used udev and blocked the external usb storage by creating
> the udev rule mentioning any usb storage will get mounted to
> /dev/null so that users cant mount as well.
>
> But in the mean time i am getting below logs in my /var/log/messages
> file when i insert any usb storage device.
>
> ######################################################
> May 23 12:24:02 localhost kernel: usb 1-4: new high speed USB device
> using ehci_hcd and address 4
> May 23 12:24:02 localhost kernel: usb 1-4: configuration #1 chosen
> from 1 choice
> May 23 12:24:02 localhost kernel: scsi3 : SCSI emulation for USB Mass
> Storage devices
> May 23 12:24:07 localhost kernel: scsi 3:0:0:0: Direct-Access
> USB Flash Disk 1100 PQ: 0 ANSI: 0 CCS
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] 1981440 512-byte
> hardware sectors (1014 MB)
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Write Protect is off
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Assuming drive
> cache: write through
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] 1981440 512-byte
> hardware sectors (1014 MB)
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Write Protect is off
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Assuming drive
> cache: write through
> May 23 12:24:07 localhost kernel: sdb: sdb1
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Attached SCSI
> removable disk
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: Attached scsi generic
> sg2 type 0
> ##############################################
>
> I want to know how device name sdb1[see above log] was allocated
> and is it possible to block the device node creation,if so wht i can
> do to block the same in my messages log.
>
>
> Regards
> lingu
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
Why do you want to block? Why not rather disallow users to use the mount
command altogether? If it's a server, why do you have normal users
accessing it?
--
Kind Regards
Rudi Ahlers
CEO, SoftDux
Web: http://www.SoftDux.com
Check out my technical blog, http://blog.softdux.com for Linux or other technical stuff, or visit http://www.WebHostingTalk.co.za for Web Hosting stuff
More information about the CentOS
mailing list