kcs Posted June 25, 2019 Share Posted June 25, 2019 SentinelOne Complete has an option to block usb devices based on their "Class Code" (https://www.usb.org/defined-class-codes). Can you tell me what class code the HAK5 tools use when they present themselves as "networking" devices to the host? I would like to make recommendations for blocking these types of attacks. Thanks for your assistance! Quote Link to comment Share on other sites More sharing options...
theUNK0WN Posted June 30, 2019 Share Posted June 30, 2019 (edited) In my opinion, I don't think anyone would supply you with that information as it could damage the business of Hak5 products. yeah ok, see post below. đ Edited July 25, 2019 by _0NiTy I was wrong. Quote Link to comment Share on other sites More sharing options...
Forkish Posted July 22, 2019 Share Posted July 22, 2019 (edited) On 6/30/2019 at 12:29 PM, _0NiTy said: In my opinion, I don't think anyone would supply you with that information as it could damage the business of Hak5 products. I donât know much nor do I own a BB, but wouldnât you be able to âsniffâ that information with wireshark? Or possibly look in the computerâs connected/installed devices list/properties? edit: found USBView for windows which can give you that information- https://www.nirsoft.net/utils/usb_devices_view.html Also: https://www.ftdichip.com/Support/Documents/AppNotes/AN_174_Determining USB Peripheral Device Class.pdf Edited July 22, 2019 by Forkish listed nirsoft Quote Link to comment Share on other sites More sharing options...
korang Posted July 22, 2019 Share Posted July 22, 2019 Why wouldn't you purchase a BB, and test this yourself. if you want to block these devices, it might be better to purchase one and discover what you need. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.