Hi,

We are going to be changing servers shortly and want to destroy the data on our old server before we give it back. We have 2 x 250GB configured in RAID

Would be useful if we could have:

A. A command we can use to shred the data one directory at a time.
B. A command to shred/wipe the complete drive.

Thanks for any help!

Download Darin's boot and nuke. Do a DOD wipe on it, takes 7 passess writing straight 0's and 1's to the drive. THIS IS NOT A GUARANTEE! Data could in theory still be recovered but it would take the will of some super guru locked up in the NSA's basement.


However, this is very very standard. While working for one of the top level finance companies who held social security numbers, bank account numbers etc.. we would do a DoD wipe then physically shred the drives. Its the equivalent of taking a piece of paper that has writing on it and blacking it all out with a sharpie, you cant see it but the original stuff is still there, so then you take that blacked out piece of paper, light it on fire and bury the pieces at the four corners of the world. Well a little extreme but you get the idea.


http://www.dban.org/

If you've got any form of remote management (IPMI, iLO, DRAC or whatever else TLA or FLA in use) that allows you to boot an ISO or DVD load up DBAN (quick wipe with verification pass should prove to be "good enough" most of the times). Else load any other Live CD, bootable USB stick, or perform the 'dd if=/dev/zero of=/dev/whateverraiddevice' from within the system as that could be entertaining too ;-p *Note that for any device processed I do not consider the wiping process finished until verification is done (easier if you write a pattern or zeroes).

When I'm disposing of a drive that contains sensitive information, I physically disassemble it and smash the platters into a million pieces with a hammer.

:shrug:

If you need the drive in-tact, then go with dban

OR... http://thehacktory.org/wp-content/up...g-printer.jpeg

This is a remote server so I dont think any of your suggestions will be posible, we dont have physical access to the drive.

I was looking for something more like a Linux command that could be run that would be a bit more secure than just rm

If you do not have physical access to the drive then wouldn't it be safe to assume that you are not responsible for maintaining your hardware and that you are paying a company or someone to do so, if thats the case and it is pretty common, then data erasure and all that should be written into the statement of work or contract.


Without access to the drives or being able to boot from an iso you only have access to the linux utilities.


Now you could do unspawns suggestion of using /dev/zero and dd to write zeros to a device but if that device is teh one you are currently running the OS off of it will only get to a certain point before the OS becomes unusable and would not be an acutal wipe.

How about just:
For a drive: sudo dd if=/dev/zero (or random) of=/dev/sdX. It's not called Destroyer of Disks for nothing. This will probably work better if /dev/sdX is not the root drive. This may not be the ultimate way of wiping data but it would certainly make recovery somewhat expensive.

Regards,
Stefan

Use shred in combination with find.

Shred only works on files, not directories, so you'll need to use remove the directories manually.

Stefan


I don't use dd often but can you clarify your post a little here?

Wouldnt:

Continue to keep writing 16 Megabytes to the ./file until the drive ran out of space or the command was cancelled? I know that I get my dd options mixed up sometimes and the man page didnt help clarify it very much.

Before dd, you could perhaps write a script that includes shred.

man shred will tell you that

After that, dd if=/dev/zero .... would be perfect! May be.

Then you should have stated so in your OP. Efficiency and all that.


Remove the files then run 'dd' as propofol suggested (running 'shred' and then 'dd' gives you nothing extra). Again, verify (or have personnel verify) the disks content after the op. Without post-op verification any "secure deletion" makes no sense at all.

The aim is to overwrite the free space where your files used to be with zero's or random numbers (/dev/random). With just a "rm -rf folder" only the reference to the file is removed. The "bs=16M" is just to speed things up - dd still writes until the drive is full even if the last block is not a full 16Mb.

Regards,
Stefan

What about backups? Were they under your control, or was the owner of the system making its own backups? If the latter, you need to ensure that those are destroyed as well.

If the drive you are writing to is apart of the root filesystem this would not work, it would hit a certain point where it would just fill up the filesystem, all of the data would still be recoverable if you pulled the drive and mounted it as asecondary drive on another system.