Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I know that data can still be accessed on a reformatted drive. Can malware/root kits survive a reformat? When I fix a Win box I
1. retrieve the user dada.. using linux
2. run anti-virus scan on the data
3. Wipe the drive with random data
4 reformat
5. Reinstall the OS
I have been told that it's over kill and malware won't run after reformatting. I would think if data can be accessed so could code?
I do the same things that you do. I have also been told that this is overkill. Let me say that IMO there is no such thing as overkill when it comes to security. There is only a limit to what people are willing to do. I use the shred utility on disk partitions. This accomplishes a level of data wiping that is comparable to the data wiping requirements of computers that store military secrets.
Don't listen to people when they say that you are doing more than you have to do when it comes to security. There is no real limit. Do as much as you can stand to do. At some point we all reach an emotional point where we are satisfied. Don't lower that point for yourself based on other people's opinions.
No I'm not stressed about it. I figure security and forensics are a good field for me since I really do not change based what may be popular but on what I think is right. I just couldn't quickly find a definitive answer on wether malware would continue on after a reformat.
I just couldn't quickly find a definitive answer on wether malware would continue on after a reformat.
Nope.
Once formatted, there is no way to locate any residual data (including executables) potentially left on the disk using normal means. Means any residual "malware" can't be launched.
Recovery is a different matter.
And of course, malware could use similar techniques to locate the "residual" data - but that would have to be a new malware attack.
If you're reinstalling then you'll likely overwrite the data. Recovering data in this manner isn't like using an undelete program anyway. The disk's sectors are read many many times, over and over again to recover those faint traces. It's very unlikely you wouldn't notice the activity.
If you're sending it to the recycler I'd definitely take extra precautions though. There was a recent article in news about some of those drives showing up on ebay. http://www.pcworld.com/article/id,12...1/article.html
Thanks for the replies. I really am not worried about the data recovery aspect. Just if it's possible for any code to run after the format. Most of the time the systems I'm working on are returned to the original owner. When a computer gets donated. I just wipe the drive and through a Linux distro on it and give them to needy families. So I always protect the privacy of the original owners.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.