DISABLE PLUG AND PLAY DEVICES
Disable UnPnP Discovery Service
Open your registry and find the key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV
Set the value of "Start" to "4" to disable the service, or "3" to enable it.
DISABLE USB PORTS OF COMPUTER
Disable Universal Plug and Play Device Host
Open your registry and find the key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\upnphost
Set the value of "Start" to "4" to disable the service, or "3" to enable it.
1 comment:
However, both these approaches can prove to be counter-productives as your staff can no longer use USB keyboards, wireless mouse, digital cameras, camcorders, scanners, printers or even USB microphones to their computers.
So a more reasonable option for sysadmins is to disable write access to USB port so that data files cannot be written to the mass storage device. The USB thumb drive will be read-only.
Open the Windows Registry and open the following key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\StorageDevicePolicies
Now add a new DWORD called WriteProtect and put the value as 0 to disable write privileges to the USB port. To reverse the step, either delete the WriteProtect REG_DWORD or toggle the value to 1 which will enable the port.
Remember that the above trick works only with Windows XP SP2.
If you like to go a step further and disable users from connecting USB storage devices to their computers, here's the trick:
Open registry and navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Services\UsbStor
Now in the right pane, double-click Start and type 4 in the Value data box (Hexadecimal) and quite the registry editor. To enable the USB storage devices, change the Start value back to 3.
No matter how good the protection tricks are, determined people always find workarounds.
Post a Comment