LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 10-06-2009, 10:02 AM   #1
sl33p
Member
 
Registered: Dec 2008
Location: Tahiti
Distribution: Kali Linux
Posts: 42

Rep: Reputation: 17
Unhappy Linux tools to wipe out a hard drive


Hi guys!

Here is the thing:

There's confidential information in a client's system that could lead to major problems if this should fall into the wrong hands.

I have to make sure the data contained in this hard drive is completely cleaned, and that NO ONE in the world could ever recover it, even forensically.

Would you know about:
  • A (ideally) light Linux tool used to wipe the data from a device (well, ok... could be Windows based as well);
  • One secure method to certify it was correctly wiped.

I can do the wipe using EnCase software from Guidance Software, but I find it very time consuming for this task.

Thanks a lot!
sl33p
 
Old 10-06-2009, 10:15 AM   #2
SethsdadtheLinuxer
Member
 
Registered: Jun 2007
Posts: 152

Rep: Reputation: 37
here's a light way to do it.
dd if=/tmp/0 of=/dev/sda1 bs=1
dd if=/tmp/1 of=/dev/sda1 bs=1
dd if=/tmp/2 of=/dev/sda1 bs=1

/tmp/0 has 1 byte that is 0
/tmp/1 has 1 byte that is 1
/tmp/2 has 1 byte that is 2

by writing all of the drive with 3 bytes, you make forensics have to go back 4 versions to find data. If you need more than that, just magnetize the drive.
 
Old 10-06-2009, 10:19 AM   #3
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,568

Rep: Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510
dd

dban
 
Old 10-06-2009, 11:41 AM   #4
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,512
Blog Entries: 27

Rep: Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174
Simply
Code:
dd if=/dev/zero of=/dev/sda1
Or, if you believe the probably mythical idea that HDD secondary level residual magnetism is strong enough to allow significant data to be extracted after new values have been written, run this a few times.
Code:
dd if=/dev/urandom of=/dev/sda1
Either way a blocksize of 1 will take a very long time; the default 512 blocksize is not a bad choice.

EDIT: if it's the whole HDD you need to wipe rather than the first partition change /dev/sda1 to /dev/sda in the above suggestions. "sda" is, of course (!) just an example.

Last edited by catkin; 10-06-2009 at 11:44 AM. Reason: Typo: random for zero
 
Old 10-06-2009, 11:48 AM   #5
michaelk
Moderator
 
Registered: Aug 2002
Posts: 11,531

Rep: Reputation: 674Reputation: 674Reputation: 674Reputation: 674Reputation: 674Reputation: 674
Quote:
I have to make sure the data contained in this hard drive is completely cleaned, and that NO ONE in the world could ever recover it, even forensically.
The absolutely 100% sure method would be to take the disk apart and grind/shred up the platters.
 
Old 10-06-2009, 01:10 PM   #6
Chromezero
Member
 
Registered: Nov 2004
Location: Arizona
Distribution: Slackware, RHEL, others
Posts: 470

Rep: Reputation: 40
DBAN is a commonly used tool for sanitizing hard drives and is approved by many government agencies for clearing sensitive data. If it's good enough for them, it's probably good enough for you. However, as others mentioned, the only way to guarantee that no one can retrieve data is to physically destroy the drives.
 
Old 10-06-2009, 01:28 PM   #7
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
If you want maximum confidence that the data is unrecoverable even with electron microscopes (I don't think any lab exists that has successfully used this technology for this purpose with any degree of accuracy), use DBAN (like many above say).

If you don't plan on keeping the HDD, then simply use thermite:
http://en.wikipedia.org/wiki/Aluminothermic_reaction

You can also use a powerful magnet and rub it on the platters ... or a sledgehammer, or explosives, or corrosives, or many things...

In the real world you can just use 'dd if=/dev/zero of=/dev/sda'.
 
Old 10-06-2009, 02:27 PM   #8
Vhann
LQ Newbie
 
Registered: Nov 2008
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by sl33p View Post
Hi guys!

Here is the thing:

There's confidential information in a client's system that could lead to major problems if this should fall into the wrong hands.

I have to make sure the data contained in this hard drive is completely cleaned, and that NO ONE in the world could ever recover it, even forensically.
I don't know about DBan, but one tool I love for this task is 'shred'
which can be used like this:
Code:
shred -n {numberOfIterations} -vz {/dev/hardDriveOrPartitionHere}
The cool thing about 'shred' is it is included in base Slax (www.slax.com) which means you can boot from CD-Rom or USB key and erase the drive very easily (and since you can boot in 'copy to RAM' using Slax, quite fast too).

Hope this helps.
Regards,
Vhann
 
Old 10-06-2009, 02:55 PM   #9
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
We are required to use BCWipe.
BCWipe
 
Old 10-06-2009, 02:58 PM   #10
linuxpokernut
Member
 
Registered: Jul 2007
Distribution: Slackware 14
Posts: 237
Blog Entries: 8

Rep: Reputation: 59
Quote:
Originally Posted by Vhann View Post
I don't know about DBan, but one tool I love for this task is 'shred'
which can be used like this:
Code:
shred -n {numberOfIterations} -vz {/dev/hardDriveOrPartitionHere}
The cool thing about 'shred' is it is included in base Slax (www.slax.com) which means you can boot from CD-Rom or USB key and erase the drive very easily (and since you can boot in 'copy to RAM' using Slax, quite fast too).

Hope this helps.
Regards,
Vhann
even the feds claim they cant recover shreded HDD's.
Oh wow apparently the same is true for BCWipe. Learn something new every day.

Last edited by linuxpokernut; 10-06-2009 at 03:00 PM.
 
Old 10-06-2009, 03:20 PM   #11
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,519
Blog Entries: 51

Rep: Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598
Quote:
Originally Posted by sl33p View Post
A (ideally) light Linux tool used to wipe the data from a device
The choice for using Encase, DBAN or BCWipe and 'dd' is founded in the regulations you've got to adhere to (we used DBAN but I could have opted for Encase as well). Encase, Dban and BCWipe are all good if used with the right options. The difference with GNU/Linux vs mcrsft software, generally speaking, is that it exercises your HW more directly meaning better performance.


Quote:
Originally Posted by sl33p View Post
One secure method to certify it was correctly wiped.
Those with practical experience will appreciate one step that's almost always forgotten: performing a post-ops check. You can wipe all you will but unless you've verified results you shouldn't (procedurally be able to) sign off on it.
 
Old 10-13-2009, 09:09 PM   #12
abefroman
Senior Member
 
Registered: Feb 2004
Location: Chicago
Distribution: CentOS
Posts: 1,249

Rep: Reputation: 53
I use my good ole friend Mr. Crowbar.

A few hits (full swings) with him and the drive is no good.

Make sure you hit it hard enough so it damages the platters, and I do a few hits on each side.

I know someone mentioned sledgehammer, but that gets a little heavy after a while, especially if you are trying to damage the drive in multiple places and doing several drives at once. I find the crowbar is the perfect weight.

Last edited by abefroman; 10-13-2009 at 09:12 PM.
 
  


Reply

Tags
data, wipe


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How best to format/wipe hard drive clean? blnkgcrsr001 Linux - Newbie 19 08-31-2010 07:56 AM
Need to wipe clean a hard drive 144419855310001 General 9 03-07-2007 11:48 AM
Utility to wipe hard drive? SlowCoder Linux - Newbie 6 03-03-2007 10:09 AM
how to wipe off hard drive in solaris? frankie_DJ Solaris / OpenSolaris 3 06-15-2006 02:07 PM
How can I wipe the hard drive between partitions? tstrickland Mandriva 2 06-14-2005 10:00 PM


All times are GMT -5. The time now is 08:32 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration