Monday, November 19, 2007

USB Flash Drives

You've read the book, seen the movie, and even got the t-shirt.
What began life as a "toy" has exploded into something we probably never imagined. It's humble 256Mg storage capacity has grown to a 16Gb [8Gb review here] self contained shock proof, water resistant portable desktop. I'm not sure how many of you are using this device for that purpose. Some may just use it for easy transfer of large files. But if you like to take all your goodies with you, here's a starting point.

Portable apps
A portable app is a computer program that you can carry around with you on a portable device and use on any Windows computer. When your USB flash drive is plugged in, you have access to your software and personal data just as you would on your own PC. And when you unplug, none of your personal data is left behind.

Even the lightest laptops won't fit in your pocket. But these days, you don't need to lug around an entire computer just to get some work done. In fact, you can carry your entire PC desktop on a USB stick and gain access to your favorite applications, browser bookmarks, documents and even your e-mail no matter what computer you sit down in front of.
Wired article - Nov 8

Portable Freeware Collection
The wired WIKI article doesn't mention it, but the Portable Freeware Collection is the most extensive database of portable Windows software I know of. They even tell you just how portable a program is (whether it will still save settings to the %APPDATA% directory or need administrator access to write to the temp directory, for example) and how to make some non-portable programs portable.

Read the Lifehacker articles HERE.

U3 - The 'Official' Portable USB Apps Platform
U3 smart drives are traditional USB Flash Drives with a specific setup:
Two partitions: one for the U3 Launchpad, and one for U3 Programs and Data
U3 Launchpad Preloaded onto primary partition and set to autoplay
Optional: U3 Compliant Applications Preloaded

Visit the website HERE

USB Webites - Portable software for USB drives
List of portable software -
Everything USB... We Mean Everything!

Security/Hacking apps
I am not linking to the actual modified applications, primarily because although these can be used to assist in securing your network, can also be used for nefarious purposes … [of course they are not difficult to find ]

Nmap is a free open source tool used for network exploration and vulnerability auditing. Using Nmap a user can quickly scan large networks as well as target specific hosts. Nmap uses IP packets in unique ways to figure out what hosts are available on a given network and can determine what operating system it is running as well as determine what services (including versions) it is running and can also discover what type of packet filters and firewalls are in use.

Ethereal is a free protocal analyzer, also called a packet sniffer that is used for network troubleshooting, analysis and protocol development. The tool allows the user to see all traffic being passed over a network when putting a network card into what is known as “promiscuous mode”.

Showtraf is a tool that monitors network traffic on a network and displays the traffic continuously via a GUI.

TCPDump is similar in functionality to Ethereal, however works via the command line and does not have a graphical user interface. The application allows the user to intercept and display TCP/IP and other packets transmitted and received over a network.

Nemesis works on the command line and is used for packet crafting and injection. It is used primarily for testing Network Intrusion Detection Systems, firewalls and IP stacks and other networking tasks.

John the Ripper
John the Ripper is a password cracking tool which works to detect weak password. There are several other password cracking tools that run via USB, in fact most can. Interestingly many anti-virus applications will detect the presence of these files and quarantine them, however all one needs to do is temporarily disable the anti-virus which most users have the rights to do and it can be run without a problem.

Netpass is a utility used to recover network passwords on Windows 98/ME, however can also discover other passwords on XP such as .NET Passport passwords etc.

A “podslurping” application that allows users to copy large quantities files from a system in a matter of seconds. A version that simply audits a system as an example of how such an application works is downloadable from here.

This is just a sampling of security related applications that can be run directly from a USB drive, this is by no means complete. More applications are appearing on a daily basis that can run straight from a USB flash drive.

Portable USB Flash Drives - Formatting
All types of flash memory and EEPROM wear out after a certain number of erase operations, due to wear on the insulating oxide layer around the charge storage mechanism used to store data.

Warning! Windows XP provides a tool to format USB flash drives, but the results of that process are error-prone. In a worst case situation, it can even destroy the flash RAM in a USB flash drive.

USB Format Tool: This programme may be used to safely format most USB flash drives.

Click HERE to download.

Installation :
Download the .EXE file to a directory on your hard drive.
Execute the downloaded file and follow the on-screen instructions.

Utilities to make USB flash drives bootable
I found a couple of links for creating bootable flash drives that I found useful. How to boot from a USB device has good instructions, and this worked for me, and took about 20 minutes. Then I found this utility:
HP bootable flash utility. And it worked for me as well, and took about a minute. The best thing about this utility is that it is reported to work with many other flash drives - I tried it on a no-name USB 2.0 thumb drive, made it bootable with the HP utility on a 1.1 USB bus, and then used it to boot a computer.

USB Hacksaw
The USB Hacksaw is an evolution of the popular USB Switchblade that uses a modified version of USBDumper, Blat, Stunnel, and Gmail to automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account. Proof of concept code shows how to deliver the payload instantly with a U3 autorun hack borrowed from the USB Switchblade on Windows 2000 or higher computers running as administrator or guest. Automatic propogation to other USB devices is possible.

Visit the website HERE.

Buy or create security
There is now a reasonable choice of products if you wish to purchase your security over the counter. To mention a few : Stealth MXP [4Gb] is a complete standalone, portable, USB powered, secure, multi-functional product with on-board processor and seamless, hardware based encryption. IronKey [4Gb] is a USB flash drive with a dedicated hardware encryption chip and a self-destruct ability, bundled with secure means of accessing internet and storing your passwords.

Or, if you are not on your Fedaral Police Force "Midnight Visit List" you may just like to grab a 16Gb Corsair Flash Survivor GT [reviewed above], and instal TrueCrypt. While this is just a software solution, it should be enough protection for most users.


Post a Comment

Links to this post:

Create a Link

<< Home