Whilst randomly browsing a few days ago I came across a document prepared by the National Security Agency (NSA) that describes how to disable USB storage on Linux, OS X, Solaris and Windows platforms.
For OS X the guide describes disabling USB and Firewire storage:
- Log on with an administrator account.
- Browse to ‘/System/Library/Extensions' folder on the system disk.
- Trash both IOUSBMassStorageClass.kext and IOFireWireSerialBusProtocolTransport.kext which are found in this directory.
- Empty the trash.
- Reboot the machine.
Disabling USB storage on a Windows platform is only a little more complicated:
- From Explorers folder options ensure that hidden files and folders are displayed, file extensions are not hidden and simple file sharing is disabled.
- Open up the properties for %systemroot%\Inf\Usbstor.inf (%systemroot% would normally be ‘C:\Windows').
- Select the security tab and make sure that all options for all users are set to deny. This must include administrators and SYSTEM.
- Repeat the above for %systemroot%\Inf\Usbstor.pnf
- If USB storage devices have been used on this machine previously then open up the registry editor otherwise ignore steps 6 and 7.
- Browse to the registry location ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor'.
- Open up the registry key ‘Start' and change the data value to ‘4'. Close the registry editor.
That's it! If simple file sharing was enabled previously then don't forget to re-enable it.