kcs Posted June 25, 2019 Share Posted June 25, 2019 SentinelOne Complete has an option to block usb devices based on their "Class Code" (https://www.usb.org/defined-class-codes). Can you tell me what class code the HAK5 tools use when they present themselves as "networking" devices to the host? I would like to make recommendations for blocking these types of attacks. Thanks for your assistance! Link to comment Share on other sites More sharing options...
theUNK0WN Posted June 30, 2019 Share Posted June 30, 2019 In my opinion, I don't think anyone would supply you with that information as it could damage the business of Hak5 products. yeah ok, see post below. đ Link to comment Share on other sites More sharing options...
Forkish Posted July 22, 2019 Share Posted July 22, 2019 On 6/30/2019 at 12:29 PM, _0NiTy said: In my opinion, I don't think anyone would supply you with that information as it could damage the business of Hak5 products. I donât know much nor do I own a BB, but wouldnât you be able to âsniffâ that information with wireshark? Or possibly look in the computerâs connected/installed devices list/properties? edit: found USBView for windows which can give you that information- https://www.nirsoft.net/utils/usb_devices_view.html Also: https://www.ftdichip.com/Support/Documents/AppNotes/AN_174_Determining USB Peripheral Device Class.pdf Link to comment Share on other sites More sharing options...
korang Posted July 22, 2019 Share Posted July 22, 2019 Why wouldn't you purchase a BB, and test this yourself. if you want to block these devices, it might be better to purchase one and discover what you need. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.