LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-15-2004, 10:00 AM   #1
meindlj
LQ Newbie
 
Registered: May 2004
Posts: 15

Rep: Reputation: 0
Secure Delete for linux?


Anyone know a good secure erase app for linux?
 
Old 06-15-2004, 10:04 AM   #2
Crunch
Member
 
Registered: Feb 2003
Location: York, PA
Distribution: Slackware, FreeBSD, OpenBSD
Posts: 162

Rep: Reputation: 30
Shred

I've heard of shred... I've never used it, but it came pre-compiled on my Slackware box (after installing everything). I'm sure you could try that out.

Code:
$man shred
Hopefully that will explain what you're looking for.
 
Old 06-16-2004, 02:01 AM   #3
overlord73
Member
 
Registered: Apr 2004
Location: ..where no life dwells..
Distribution: RH,FC/SuSE/Debian/HPUX/OSX
Posts: 511

Rep: Reputation: 30
another good programm is secure delete (by van hauser, www.thc.org).
compared to others it uses bigger blocksizes.
secure_delete is fast with big files but slower with many small
ones.

links:
wipe.sourceforge.net
berkewipe.sourceforge.net
mysite.verizon.net/vze1ypud/linux/software/fwipe.html
 
Old 06-16-2004, 02:49 AM   #4
iainr
Member
 
Registered: Nov 2002
Location: England
Distribution: Ubuntu 9.04
Posts: 631

Rep: Reputation: 30
KDE 3.2 comes with a Shredder icon : just drag files onto it to securely delete them.
 
Old 06-17-2004, 12:41 AM   #5
Sebboh
Member
 
Registered: Nov 2003
Posts: 53

Rep: Reputation: 15
Shred, afaik, does not support journaled filesystems..
 
Old 06-17-2004, 03:09 AM   #6
dalek
Senior Member
 
Registered: Jul 2003
Location: Mississippi USA
Distribution: Gentoo
Posts: 2,058
Blog Entries: 2

Rep: Reputation: 65
Quote:
Originally posted by Sebboh
Shred, afaik, does not support journaled filesystems..
I use Shred but you are right. It likely can be retrieved. Journalized file systems are more redundant I guess so it is actually harder to get rid of something. Maybe NSA came up with that to catch people. Big government, bad government.

Later

 
Old 06-22-2004, 10:26 AM   #7
bun_zee
LQ Newbie
 
Registered: Jun 2004
Posts: 6

Rep: Reputation: 0
Hi,

Shred is a secure delete utility that comes with RH Linux. The shred man page say that it does not work well with filesystem that use journaling.

I read a few articles in journaling. One of the article said "When metadata on the disk is updated, the updates are recorded in a separate area of the disk reserved for use as a journal. Filesystem transactions which complete have a commit record added to the journal, and only after the commit is safely on disk may the filesystem write the metadata back to its original location. Transactions are atomic because we can always either undo a transaction (throw away the new data in the journal) or redo it (copy the journal copy back to the original copy) after a crash, ac-cording to whether or not the journal contains a commit record for the transaction."

From this article, I dont quite understand how journaling is an issue in shred.

Journaling is meant for recovery when the system loss power abruptly. When this is the case, the file won't be overwritten properly which is true with or without journaling. It is not like journalling is going to "write data in a different data blocks" or something.

Many articles claimed that journaling is an issue in shred without any real in depth explanation.

QUESTION:
Could any one please explain why journaling is an issue in secure delete? (it's not like with journaling the system end up writing data to different blocks or anything).
A sample scenario would be nice!
Also, if journaling is indeed pose complication, then would this help at all:
mount -t ext3 -o data=writeback /dev/sda2 /jdisk
(Basically this mount the with the writeback mode for ext3).

Any response is appreciated.

Thank you,

BunZ
 
Old 06-22-2004, 07:05 PM   #8
v00d00101
Member
 
Registered: Jun 2003
Location: UK
Distribution: Fedora 8, Centos 5.1
Posts: 480

Rep: Reputation: 30
Theres a app called scrub available somewhere on the lawrence livermore website. But the secure tools thc offers are way more advanced. 38 pass wipes using urandom, not sure if you get any better than that. For safetys sake if i need to wipe something i use scrub first, then sswap/sfill/srm.

So if your really paranoid, use 2 diff apps, or consider the use of a ramdisk for working in (net cache, temp viewing area for files). Even on ramdisk i multiwipe it before rebooting. Maybe beyond that encrypt your swap partition.

Beyond that make sure some of your partitions are ext2, mainly things like /tmp, /var, possibly /home as well. Anything you want to effectively wipe.

Last edited by v00d00101; 06-22-2004 at 07:07 PM.
 
Old 06-23-2004, 09:31 AM   #9
bun_zee
LQ Newbie
 
Registered: Jun 2004
Posts: 6

Rep: Reputation: 0
v00d00101

I think scrub and any other secure delete software still run into the journaling issue.

My question remains, how exactly does journaling cause a problem in secure delete? Is it because in ext3, the journaling end up writing modified data to a new data block then re-reference the inode and left the old data block untouched? Or because journaling might keep a copy of the old data block in the journal (must be HDD not RAM) and no one knows when exactly that old data is deleted?

Your reply raise a question.
Peter Gutmann said that data in RAM "set" an image and it can be recovered after powerup. I am using RedHat. How do I force the system to put all one's in any unused RAM (for instance, when a c code free or delete dynamic memory or when a statically allocated memory is no longer needed).

thank you,

BunZ
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
security newbie, but not Linux newbie. advice on secure delete tools mattie_linux Linux - Security 19 08-15-2005 01:50 AM
Secure Delete Won't Compile slitscan Slackware 1 04-14-2005 03:42 PM
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 5 04-07-2005 04:12 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 01:39 PM
secure delete journal bun_zee Linux - Security 1 06-21-2004 06:10 PM


All times are GMT -5. The time now is 04:10 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration