Help to secure USB ports

[cgott42]

I am in charge of a PC used in a public rec area, and we want to make sure that no one can plug in any USB device and infect the computer (e.g. via USB drive, usb wifi , etc) I purchased physical locks, whcih plug into the port and require a physical key to take out and thought that I was reasonably set, however now I realize that the Acer Revo AR3610-U9022 has a wireless k/b mouse which requires a mini-USB receiver plugged into a USB port - thus someone could pull the plug out, and insert a USB drive there
Is there a way to keep the mini-USB receiver plugged in and not allow anyone to access it - or attach a k/b , mouse another way (there is not Pss port)?
FWIW - I have no sensitive data on the PC (i.e not concerned about people d/l'ing from the PC, just don't want them putting anything on it via the USB port)

thx

 

[Crusty]

Use one of your USB headers inside of the case on your mobo instead of outside the case. You might have to disconnect some of the fronts ports to get a header open, but it should be doable.

 

[MedicBob]

I second just unplug them. You could move one inside the case for the wireless KB

 

[Binky]

Buy a locking metal box. Bolt/screw it down to the table. Cut holes for wires and airflow, and put the computer in the box.

 

[cgott42]

Use one of your USB headers inside of the case on your mobo instead of outside the case. You might have to disconnect some of the fronts ports to get a header open, but it should be doable.

thanks , that's a great idea.
However, when I opened the case, everything seems to be soldered on - nothing that I could unplug (except the front USB ports which plug into a 14 pin connector, which also has the on/off button)

 

[Homerboy]

Some BIOs allow for disabling USB storage.
If this is an Windows OS:
http://support.microsoft.com/kb/823732

 

[lxskllr]

Kind of low budget, but you could make a thin cable noose that goes around the USB adapter, then goes through holes you drilled in the case with a small padlock or bolt to secure it. That won't stop someone with a Leatherman, but it'll foil casual users.

Edit:
added content

 

[cgott42]

OK, I opened the case, and looked into the BIOS and here's what I've secured, and what I haven't figured out yet:

Already Secured:
(a) Internal Wifi - opened case, and unplugged antenna wires
(b) Wired Ethernet port - disabled in BIOS
(c) disruption to BIOS settings - via password
(d) USB - physical lock

Probably easily doable:
(a) erase True Image - I have Acronis True Image installed, and an image on the secure zone. I'm worried someone will open the program and delete the image. I can probably uninstall the software w/o deleting the securezone
(b) external eSATA port and external SD flash card port - everything on motherboard is soldered in . Perhaps I can disable in Win7 Device Manager in p/w protected admin account - Can anyone help me in how to identify them (nothing seems obvious)

Haven't figured out: - PLEASE HELP
(a) k/b and mouse are via wireless USB key - thus the USB plug is sticking out and someone could unplug it and put an autorun USB flash drive to cause problems. There isn't an internal plug that I can use to connect the USB plug internally as mentioned. Any ideas - my only thought at the moment is a physical brace around the entire unit (w/ hole for air) preventing someone from pulling out the k/b mouse USB plug, or using eSATA, and flash port - I'll google search, if anyone knows of something already made and cheap let me know, or other idea.
(b) Someone physically stealing the wireless k/b or mouse
(c) how to prevent the users from turning off windows/pc via start/shut down (ie assuming they don't have access to the power button, I want to make sure they don't shut down the PC via start/shut down

Anything else that I should secure or other ideas?

thx

 

[cgott42]

Just bought a cash box from walmart and cut the sides to allow air flow.
viola!
thx

 

[Modelworks]

The easiest solution is what corporations do. Put the entire pc inside a cabinet with a locked door. Any cabinet with a lock and key will work or they do make cases designed for it:
http://www.amazon.com/Global-Industr.../dp/B0012WPP5U

 

[sourceninja]

I'm still in shock that there are uses for computers that don't require internet access. LOL.

 

[Binky]

Just bought a cash box from walmart and cut the sides to allow air flow.
viola!
thx

Hey, where's my prize for the winning solution?!?!?