[CentOS] Blocking external usb storage

Fri May 23 07:20:14 UTC 2008
Rudi Ahlers <Rudi at SoftDux.com>

whoami i wrote:
> HI,
>
>   This is my first mail to this mailing list.I want to block external 
> usb storage completly on my  server running on centos 5 having 
> confidiential data.
>
>  For that i used udev and blocked the external usb storage by creating 
> the udev rule  mentioning any usb storage will get mounted to 
> /dev/null so that users cant mount as well.
>
>   But in the mean time i am getting below logs in my /var/log/messages 
> file when i insert any usb storage device.
>
> ######################################################
> May 23 12:24:02 localhost kernel: usb 1-4: new high speed USB device 
> using ehci_hcd and address 4
> May 23 12:24:02 localhost kernel: usb 1-4: configuration #1 chosen 
> from 1 choice
> May 23 12:24:02 localhost kernel: scsi3 : SCSI emulation for USB Mass 
> Storage devices
> May 23 12:24:07 localhost kernel: scsi 3:0:0:0: Direct-Access     
> USB      Flash Disk       1100 PQ: 0 ANSI: 0 CCS
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] 1981440 512-byte 
> hardware sectors (1014 MB)
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Write Protect is off
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Assuming drive 
> cache: write through
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] 1981440 512-byte 
> hardware sectors (1014 MB)
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Write Protect is off
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Assuming drive 
> cache: write through
> May 23 12:24:07 localhost kernel:  sdb: sdb1
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: [sdb] Attached SCSI 
> removable disk
> May 23 12:24:07 localhost kernel: sd 3:0:0:0: Attached scsi generic 
> sg2 type 0
> ##############################################
>
>  I  want to know how  device name sdb1[see above log] was allocated 
> and is it possible to block the device node creation,if so wht i can 
> do to block the same in my messages log.
>
>
> Regards
> lingu
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>   
Why do you want to block? Why not rather disallow users to use the mount 
command altogether? If it's a server, why do you have normal users 
accessing it?

-- 

Kind Regards
Rudi Ahlers
CEO, SoftDux

Web:   http://www.SoftDux.com
Check out my technical blog, http://blog.softdux.com for Linux or other technical stuff, or visit http://www.WebHostingTalk.co.za for Web Hosting stuff