Menu
I am writing a mini-filter code for USB (Flash Drives) for blocking i.e (Access Denied).So, could someone help me out, how to detect or block USB or what methods to use in passThrough WDK sample code for USB detection and USB blocking?
I am trying to use *IOCTL_STORAGE_QUERY_PROPERTY in PFLT_INSTANCE_SETUP_CALLBACK*. Am i on right path?? if yes then how to use IOCTL_STORAGE_QUERY_PROPERTY in PFLT_INSTANCE_SETUP_CALLBACK???
747
After 3 months of work I have finally achieved blocking. Though I can't give direct code here. But following link might help.
PassThrough Development
GitHub Link
110
One way could be to get the device object using FltGetDiskDeviceObject and then check for FILE_REMOVABLE_MEDIA flag in device_object->Characteristics. Once you get to know about the device type, then you can block or allow the required operations (that you need to register with FLT_OPERATION_REGISTRATION).
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
