Comments on: EndPointScan: Scan your network for USB-related security risks

By: Neal Harvey

Neal Harvey — Thu, 20 Mar 2008 16:11:05 +0000

Nice one! Thanks for the tip!
Last year we had some security incidents with stealing of sensitive project data.
Since that time we have started to pay more attention to usb security. Now we use desktop authority as a desktop management solution and we control usb devices with this tool as well.
What I really like in this solution is that you can block or limit access to a particlular device on a particular pc.
For example, you can block the use of pocket PCs, palms and blackberries for some departments or OUs.
In addition you can limit the use of usb devices according to their serial numbers, for example, allowing the use of only company issued usb storage or even put some devices on a black list.

By: bo

bo — Mon, 11 Feb 2008 03:21:18 +0000

great tool

By: Kiltak

Kiltak — Sat, 12 May 2007 01:55:36 +0000

Good point Matthew .. I had the exact same thought at first, but since GFI is one of the company that I’ve been trusting for a while, I decided to test the application anyways. With the ever increasing number of firefox users, I think GFI should definitely look at a way to code their application to be usable in multiple browsers

I can understand why they made it that way though. Since ActiveX is proprietary and is made to work under IE and Windows, coding applications that access the operating system with it must be a lot faster and effective.

I know there is a Firefox plugin(s?) that permit people to use ActiveX under Mozilla’s browser, so maybe GFI should look at a way to use this to their advantage. Some browser independant code would still be the best solution, but we don’t live in a perfect world, and sometimes, we don’t always get what we want right away

By: Matthew Musgrove

Matthew Musgrove — Fri, 11 May 2007 22:48:45 +0000

It’s a pity that they chose to implement this as an ActiveX control because that limits the number of end users.

Requirements for the test

* Windows 2000, XP or 2003 as operating system. Not Windows 9X or NT!
* Microsoft Internet Explorer 6 or later with Internet security settings set to Medium. Please note that this version of EndPointScan does not work with Mozilla FireFox.
NOTE: You need administrator rights and privileges to set Internet security settings and execute EndPointScan.

Most IT professionals are wary of ActiveX controls and Internet Explorer in general.

By: Jean-Marc

Jean-Marc — Fri, 11 May 2007 19:57:26 +0000

Hey guys,

great post (again). I work as a sys admin for the public sector and we are constantly on the lookout new ways to track security risks. Over the last few years, portable devices have been a “sword of Damocles” of sorts hanging over our heads waiting to fall. I, and my colleagues, feel that they are a far greater risk to security (not to mention data integrity and confidentiality risks as well) than upper management is willing to recognize. This tool will help us in our research for effective solutions.

Keep up the good work!

By: Chris

Chris — Fri, 11 May 2007 18:14:54 +0000

We have no rules in our offices against the use of USB, however, with increasingly more sensitive data being transferred, companies need to be aware of tools such as this.

By: Jorge Andres

Jorge Andres — Fri, 11 May 2007 13:38:55 +0000

In the company i work, actually we dont have any rules against the use of USB devices, but we are thinking about stablishing some new policies about it. Specially since the size of this things is enough to copy/paste most of our crucial information.

This tool comes in handy in this scenario, to counter check it the Group Policy is properly implemented.

By: Michael Klemm

Michael Klemm — Fri, 11 May 2007 13:32:15 +0000

great tool, we should definitly use that in our company. even if the security policy is quiet strict here in the building i work, you can _always_ get in any kind of digital mobil device and connect it _anywhere_ at the company’s desk.
i will for sure suggest this tool to our CNA-department, hopefully they will give it a try. just 2 months ago people claimed about losing data while they where at a short coffee-break - you can never be sure what happens while you’re not at your computer.

michael ([GAS]-reader)

By: [GAS] Giveaway: Free GFI T-Shirts and Frosted Mugs | [Geeks Are Sexy] Technology News

Fri, 11 May 2007 13:23:05 +0000

[...] to distribute to our beloved readers. So the first four of you to leave a relevant comment on our EndPointScan review will get one set of these gifts delivered to their home for free. Just be sure to leave your [...]

By: links for 2007-05-11 « My Weblog

links for 2007-05-11 « My Weblog — Fri, 11 May 2007 10:19:25 +0000

[...] EndPointScan: Scan your network for USB-related security risks | [Geeks Are Sexy] Technology News (tags: malware security usb) [...]