Results 1 to 6 of 6

Thread: Disabling Drives

  1. #1

    Question Disabling Drives

    I am in need of disabling the floppy and CD drives of individual computers where I work. The employees don't need those drives, and we need to disable them to prevent them from being used. Other than just outright removing the drives, how do you disable them in Windows so that users cannot use them?

  2. #2
    Senior Member DeadAddict's Avatar
    Join Date
    Jun 2003
    There is one thing that you can try doing but any person who knows the windows O.S very well can get around this if you are running windows xp go into the control panel and double click on the system icon the click on the hardware tab and browse to the floppy and cdrom drive you want to disable then right click on it and then select disable that will prevent the drive from working and showing up.

  3. #3
    Join Date
    Apr 2003
    you can also go to right click my computer and click Manage and then click "Device Manager" and disable or uninstall any hardware there. You also can restrict access to the Device Manager so that limited users can't access it. I dont know how though i wasn't on an network administrator account that much to try it out.

  4. #4
    Senior Member
    Join Date
    Aug 2003
    Disable the ability to boot from a floppy or CD ROM on physically unsecured systems.
    There are a number of 3rd party utilities that pose a security risk if used via a boot disk (including resetting the local administrator password.) If your security needs are more extreme, consider removing the floppy and CD drives entirely. As an alternative, store the CPU in a locked external case that still provides adequate ventilation. You can also restrict access to the floppy and CD-ROM drives in Windows XP Professional via the Local Computer Policy in the MMC (Click Start > Run > type GPEDIT.MSC > Go to Computer Configuration > Windows Settings > Security Settings > Local Policy > Security Options )
    Disable AutoRun for the CD-ROM
    One of the easiest ways for a hacker with physical access to a company's PC's to distribute malicious code is via the CD-ROM. By creating a custom CD with a payload set to launch from the autorun feature in any machine, a hacker can affect any number of unlocked systems without ever leaving a fingerprint or touching a keyboard. Or he/she can simply leave a few of these lying around the office marked "MP3's", or "Payroll Data" and wait for an unsuspecting user to simply pick it up and insert it into their machine. You can disable this function in Windows XP Professional by clicking Start > Run > and type GPEDIT.MSC Then go to Computer Configuration > Administrative Templates > System > Locate the entry for Turn autoplay off

    Is this what you are looking for?

    Lots of goodies here:

    Another good link for future reference:

  5. #5
    Senior Member Zonewalker's Avatar
    Join Date
    Jul 2002
    umm... why not just lock the drives with a physical lock... much better than any software you can find... users cannot get around this unless they have a key which of course will be kept by the IT manager

    look here


    PS loads more shops which sell this kind of stuff but the above will give you an idea what to look for
    Quis Custodiet Ipsos Custodes

  6. #6
    Junior Member
    Join Date
    Dec 2003
    Originally posted here by groovicus
    Is this what you are looking for?

    Lots of goodies here:

    Another good link for future reference:

    to make sure they dont go to the device manger, reduce their rights when creating an account for them
    Its a cyberworldlic experience!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts