Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-10-2008, 05:50 PM
|
#1
|
Member
Registered: Nov 2004
Distribution: Debian, Fedora, Puppy
Posts: 43
Rep:
|
Secure unused disk space wipes, dd and shred
I understand ext2 is the only viable file system to securely delete files and wipe unused areas of the disk due to no journeling.
Which is the most secure method for wiping unused areas of the disk;
1.) dd if=/dev/urandom of=/mnt/hda1 bs=4M
2.) dd if=/dev/urandom of=/mnt/hda1/foo.img bs=4M
shred -uvz -n 7 /mnt/hda1/foo.img
Is shredding a large artificially created file that takes up unused space on disk better than dd because you could control how many times you can write over the file with shred vs. only once with each dd operation?.
Thank you
Akonbobot
|
|
|
03-10-2008, 06:38 PM
|
#2
|
Member
Registered: Apr 2003
Location: Wisconsin
Distribution: Switched to regualr Ubuntu, because I don't like KDE4, at all. Looks like vista on crack.....
Posts: 675
Rep:
|
You can wipe files just fine from an ext3 or journaled file system. The problem is in removing the file NAME. That'll stick around in weird spots. I'm no expert though, so take my advice with a grain or 3 of salt.
David
|
|
|
03-10-2008, 07:43 PM
|
#3
|
LQ Veteran
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,253
|
Quote:
Originally Posted by budword
You can wipe files just fine from an ext3 or journaled file system.
|
Only if you can guarantee (*all*) updates are done "in-place". A default ext3 install is generally o.k.
Residual (log) data is the exposure, not the filename.
For general usage, simple overwriting (of any means) is generally sufficient. If you are trying to hide something from the "spooks", good luck ...
|
|
|
03-10-2008, 08:13 PM
|
#4
|
Member
Registered: Nov 2004
Distribution: Debian, Fedora, Puppy
Posts: 43
Original Poster
Rep:
|
Pardon me, I've mis focused the question, again...
In an ext2 file system, which method below is more secure for wiping unused disk space ?
1.) dd if=/dev/urandom of=/mnt/hda1 bs=4M
2.) dd if=/dev/urandom of=/mnt/hda1/foo.img bs=4M
shred -uvz -n 7 /mnt/hda1/foo.img
Thank you.
Akonbobot
|
|
|
03-10-2008, 09:14 PM
|
#5
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,809
|
Quote:
Originally Posted by Akonbobot
Pardon me, I've mis focused the question, again...
In an ext2 file system, which method below is more secure for wiping unused disk space ?
1.) dd if=/dev/urandom of=/mnt/hda1 bs=4M
2.) dd if=/dev/urandom of=/mnt/hda1/foo.img bs=4M
shred -uvz -n 7 /mnt/hda1/foo.img
Thank you.
Akonbobot
|
First, if you are "wiping" an entire drive (or partitions) with a low-level command like dd, then the filesystem makes NO difference.
Second, using dd does not make sense for trying to erase just part of a partition (file system). (How would you know which part to erase?)
In example #2, what is your intent? It LOOKS like it would write random data to a file named "foo.img" on hda1 until either the partition or the entire drive was full. I don't think it erases anything, but I have no system that I can try it on.
The secure way to erase is with several passes of random data and all zeros.
Finally, I think "shred" is used for secure erase of just one file (or directory?)
|
|
|
03-10-2008, 11:12 PM
|
#6
|
Member
Registered: Nov 2004
Distribution: Debian, Fedora, Puppy
Posts: 43
Original Poster
Rep:
|
The intent is;
To securely wipe a single partition (/dev/hda1).
Method 1:
dd if=/dev/urandom of=/dev/hda1
Method 2:
sudo mount /dev/hda1 /media/hda1
dd if=/dev/zero of=/media/hda1/foo.img
shred -uvz -n 7 /media/hda1/foo.img
[Method 1] will write 1 pass, Method 2 creates a fake file (foo.img) until the disk is full, then uses shred to delete that file 7 times.
Does that mean that Method 2 is superior to a dd pass ?
Thanks again.
Akonbobot
|
|
|
03-11-2008, 06:03 AM
|
#7
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,809
|
As I said, I don't know what method 2 does, and I have no machine on which I can take the risk of trying.
My hunch is that you are better off just writing directly to the raw device--multiple passes. I have never seen any actual data, but I would doubt that the average person would find anything after two random passes and then all zeros.
|
|
|
03-11-2008, 06:11 AM
|
#8
|
Member
Registered: Sep 2006
Location: Munich, Germany
Distribution: Debian / Ubuntu
Posts: 298
Rep:
|
sfill from the 'secure_deletion toolkit' might be what you are looking for. It wipes unused space on a drive. From the man page:
Code:
The secure data deletion process of sfill goes like this:
* 1 pass with 0xff
* 5 random passes. /dev/urandom is used for a secure RNG if avail‐
able.
* 27 passes with special values defined by Peter Gutmann.
* 5 random passes. /dev/urandom is used for a secure RNG if avail‐
able.
Sounds pretty thorough.
|
|
|
03-11-2008, 06:18 AM
|
#9
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,809
|
Quote:
Originally Posted by rupertwh
Sounds pretty thorough.
|
Sounds like overkill to me...
You can also use DBAN, which includes the military standard routines.
|
|
|
03-11-2008, 06:49 AM
|
#10
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
I have used something similar to zero-fill empty space on a partition before using dd to create an image. Such an image will compress better.
Use df to determine how many blocks are left. Use the same block size in your dd command as the df command shows and use number of free blocks for the "count=" in the dd command. You may need to subtract a block from the count to leave space for the directory change. Then you can use shred on the file as well. More than 5 sweeps is probably overkill.
Your first method would wipe out files as well as free space.
|
|
|
03-14-2008, 01:01 AM
|
#11
|
Member
Registered: Jul 2003
Location: NY
Distribution: Slackware, Termux
Posts: 878
|
I think you can just do 'shred /dev/hda1', without the unlink (-u). If you're really concerned about wiping, you may wish to /dev/random, which is stronger "randomness" than urandom, but will take much longer.
From the manpage:
Quote:
Delete FILE(s) if --remove (-u) is specified. The default is not to
remove the files because it is common to operate on device files like
/dev/hda, and those files usually should not be removed.
|
The method of writing a file then shredding the file might not consume all the space that was on the partition, depending on how it is written to the filesystem.
As far as journaling filesystems go, ext3, xfs and friends- I've heard they are not acceptable for secure deletion.
http://www.slac.stanford.edu/comp/un...ure-erase.html
Quote:
One major problem with all of these utilities is that most modern file systems use techniques called "journaling" or "logging" to help prevent file system corruption. Unfortunately, these techniques can also make it nearly impossible to ensure that all traces of a file's data get overwritten unless you are willing to completely wipe out all data on the disk.
|
In fact, Gentoo's Portage specifically warns about sfill,srm etc:
http://www.gentooportage.info/portag...re-delete.html
Quote:
ewarn "sfill and srm are useless on journaling filesystems,"
ewarn "such as reiserfs or XFS."
ewarn "See documentation for more information."
|
Make sure you're taking care of swap space, too.
|
|
|
All times are GMT -5. The time now is 05:50 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|