USB Waechter, Only Allow Whitelisted USB Devices PC Access
One of the major causes for PC infections with worms, viruses and trojans are USB devices that are connected to the computer. Vulnerabilities in the past have shown that it is sometimes enough to connect the USB device to the PC to infect the system.
A program like USB Waecher, which is German and means USB Guardian, can protect the computer from these attacks. The program uses a whitelist to determine if an USB device may connect to the PC. Devices that are not in the whitelist are not permitted to establish the connection unless they are whitelisted by a system administrator.
Part of the information displayed are in German, with no option to change the interface language. It is however not difficulty to use the program even without understanding German. The program makes use of the Microsoft Management Console to administrate the USB devices.
The most important menu on the left side is Erlaubte Geräte, which means allowed devices. This lists all USB devices that are permitted to connect to the PC so that they can be used. All devices that are connected during installation are automatically added to the whitelist.
It is possible to remove devices from that list by right-clicking on an USB device and selecting Delete from the context menu.
New USB devices are added to the whitelist by clicking on the + icon in the toolbar of the application, or by right-clicking on Erlaubte Geräte and selecting Gerät hinzufügen (which means add device). This displays a wizard which is completely in German. Not a big problem though as you need to click on Weiter (next) in the first screen to select the USB device that needs to be added to the whitelist on the second.
Just select the device or devices and click Weiter once again. Click Fertig stellen (finalize) on the last screen of the wizard to add the device to the whitelist.
Download and compatibility
USB Waechter is compatible with 32-bit and 64-bit editions of Microsoft Windows 7, XP, Vista and the server products Server 2003, Server 2008 and Server 2008 R2. The program can be downloaded directly from the developer website.
Advertisement
What stops anyone unauthorised to add a new usb stick to the whitelist when being first rejected? Is the program locked with a password?
I got its core idea, but, what if I connect a new USB drive – whitelist or blacklist?
New USB devices are not allowed to connect. They need to be added to the whitelist first.