In the last video, we talked about defensive strategies to take against unknown USB devices.
In this video, we'll discuss how you can analyze devices safely that you suspect of being an attack.
Now, I don't really recommend this for everyone, because you have to take certain precautions.
But if you're curious and you take the proper precautions, it may be a good opportunity to learn.
Now, first of all, you're gonna want to use a computer that you don't care about because, as you know, USB killer devices destroy machines. So you want a machine that really has little value to you.
Oh, and when you're analyzing, you don't want to have a machine that has any network access whatsoever. You don't want it to have access to the Internet. You don't even want it to have access to your local network, because, as you know, malware on these devices could spread to your local network
and infect your other machines, and you don't want that.
And attackers also try to exfiltrate data or do other things via the Internet. So you don't want to have Internet access either.
Also, you don't want the machine to have any personal information whatsoever on the machine, because it's not worth losing any valuable information to attackers.
Um, now, really, once that's all done and you have a fresh, clean image on the machine, you can go ahead and look and see what's on the device. See if there are any hidden files. Maybe you can look at any code
in the files, or it may just be a normal
flash drive, which is OK too. But once you're done doing that, I recommend doing a clean wipe on the machine, and I mean that through the OS, putting a brand new image on the machine,
because you really don't want whatever was on the device to be on that machine now.
And if you really don't know what you're doing, I wouldn't recommend this. You could maybe give it to someone that does know what they're doing, and I don't mean someone that's just good with computers, but someone that actually knows
what they're doing and can protect themselves. So
if you're interested, you could do this. Just be very, very careful.