Monday, February 1, 2016

What is Pod Slurping ?


Nowadays we take several steps to ensure safety of our data. We configure firewalls, install Intrusion Detection and Prevention software and take help of anti-malware programs to prevent theft of sensitive data. No doubt these help us a lot. But, alas, there are still methods which can bypass all these safety measures, irrespective of however strong they are, and steal sensitive data. Pod Slurping is one such example.





What is Pod Slurping ?


Pod Slurping is a technique used by miscreants to steal sensitive data from a system using some simple devices like iPods, USB Sticks, Flash devices and PDAs. The miscreants simply plug these devices to the system containing data and transfer those within few minutes.

The vulnerability was first discovered by Security Expert Abe Usher. He created a Proof of Concept by using a small application slurp.exe and his iPod. He plugged in the device to a computer and was able to transfer considerable amount of sensitive data just in 65 seconds.

This attack is indeed a very simple, but a serious one. If any miscreant who has physical access to a computer, can use this technique. It does not require much software knowledge to steal information using Pod Slurping.

And, it is much difficult to prevent this. Almost every computer has USB ports enabled and anyone including employees of a company possess devices like iPods, MP3 Players or USB Sticks.


How to prevent Pod Slurping ?


As I discussed above, it proves much difficult to prevent Pod Slurping. In an organization, disabling USB ports or prevent users from using USB Sticks is one method of preventing this attack. But, it is no doubt inefficient. USB ports and USB Sticks are much helpful in our daily life and preventing the use of them will rather make our life difficult.

In Unix based systems Pod Slurping can easily be prevented though, by preventing users from mounting portable devices. Microsoft also has released instructions to prevent users from installing USB mass storage devices on its Operating Systems.

There are also a number of third-party security products that allow companies to set security policies related to usage of USB devices.



No comments:

Post a Comment