Testing a USB device for malware

Follow these instructions to test a USB device from any linux workstation.

Testing from a CLASSE Linux Workstation

  1. Log into the linux workstation using the graphical interface
  2. Plug in your USB device. You should see it automatically appear on your desktop. If it does not, take your device to the nearest CIT malware detection station.
  3. Open firefox and browse to /nfs/opt/usbtest/main.html (or, type file:///nfs/opt/usbtest/main.html in your URL bar).
  4. Click on RUN TEST
    1. When propted for a download, select Open with, click on browse, and browse to /nfs/opt/usbtest/usbtest.sh
    2. Click OK
    3. A web page (or tab) should appear that either claims your drive is clean or infected. If it claims your drive is infected, it means that one of the removable devices attached to your system may be infected, so please follow the instructions that appear. Please note that if you do not have any USB drives mounted (appearing on your desktop), the test probably only checked your systems CDROM drive.
  5. right-click on the desktop icon for your device, and choose unmount
  6. remove your USB device

Testing from a non-CLASSE computer

  1. Download and unpack usbtest_2.1_LEPP.zip
  2. Start firefox and open the main.html file from the directory you just unpacked.
  3. Proceed as above.

The attached usbtest_2.1_LEPP.zip was adapted from https://confluence.cornell.edu/display/ITSECURITY/USB+Malware+Detection+Script+for+Ubuntu+Live+CD.
Topic revision: r4 - 17 Apr 2014, SeldenBallJr
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding CLASSE Wiki? Send feedback