USB Keystroke Injection Protection
#Network & Cloud#Network Security
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
This tool acts as a daemon
This tool functions as a daemon designed to block USB keystroke injection devices on Linux systems.
It supports two distinct modes of operation
The system operates in two modes: monitoring and hardening. In monitor mode, it gathers and logs information regarding a potentially malicious USB device into syslog. In hardening mode, the system ejects the attacking USB device from the operating system by unbinding its driver.
Installation Process Managed by Setup
The installation process is primarily managed by the setup.sh script. However, there are a few prerequisites that must be addressed before executing the script:
1. Ensure that Python 3.7 or later is installed on your system, along with the python dev package, virtualenv (python3-venv), and PIP3 (python3-pip) if they are not already present.
2. Modify the KEYSTROKE_WINDOW variable located at the top of the setup.sh file.
This is the number of keystrokes analyzed by the daemon
This refers to the number of keystrokes that the daemon examines to determine if it is responding to an attack or not.
The lower the number, the more false positives occur
The lower the number, the higher the rate of false positives will be. For example, if the number is set to 2, the tool examines only 1 interarrival time between those two keystrokes to decide whether an attack is occurring. It is important to note that users often press two keys nearly simultaneously, which can result in the previously mentioned false positives.
