Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Is there a script I can use to send a command VIA terminal to wipe an entire machine of data? If for example there is an intrusion valuable data can be at risk, it would need to be erased.
I can't really think of a way to wipe the full OS remotely from another machine. The problem is going to be that the machine is running and if you tried to wipe the drive, it would probably crash before the data was wiped.
If I wanted to wipe a box remotely and have as high a success rate as possible, I would probably make a wipe script on a mount point basis and start with the least corrupting mounts first and work my way to /. Then probably call it remotely with an ssh call. At least then you know your data is getting wiped first and when you move on to the OS portions it will go until it crashes?
But the success of that would depend on how you have your box partitioned, I would think.
First of all, I don't see any reason to do this outside of criminal activity. Secondly, if you no longer have access to the system, then you cannot remove the data. To do so requires booting off of alternative media and then writing 1's, 0's, or random data to the entire drive multiple times, and they aren't even guaranteed to work. The government doesn't even approve that method any more. If you are trying to keep someone from remotely accessing the data, then just turn off your networking. If they have the system, then they have your data and are in control of it. Anything that was ever written to your hard drive can be retrieved with pretty good confidence.
I don't get the criminal activity link here but I don't see the reason why "wipe valuable data" turned into "wipe whole OS" either. If something is important then I'd say multi-layered protection is paramount, wiping an afterthought.
IMHO, a more sane approach is to have a dedicated firewall sit in front of the machine. This way, when an intrusion is detected, you can cut all active connections immediately, and filter all potentially hostile traffic in or out of the machine while you respond to the incident.
That said, if I was forced to do something like this I'd probably have a live CD in the CD-ROM drive, with something like DBAN on it. This live CD would be configured to allow me to remotely determine whether DBAN gets run, or whether the hard drive should be booted. At that point, it's just a matter of doing a reboot (using physical, non-OS means, ideally).
No criminal activity intended. I just wanted to know if something like this was even possible. Thanks for the input.
Okay so to make a better example; if someone broke into my Business Data Center and was attempting to steal a server. Would this be an ideal method or is there a better protocol to follow?
It would be much quicker to have the drive encrypted from the start. This way, your script (which presumably gets triggered by the physical alarm system) only needs to unmount the drive and wipe the key from memory (which takes a split second), not wipe the drive (which takes ages). If done properly, the thief will end up with none of your important data when he takes off with the box.
This sounds a lot easier, thank you win32sux. Is there a guide I should look at for encryption? I'm still a n00b at Linux unfortunately.
Perhaps start by reading the documentation on the LUKS site? I'm not sure, but I think Fedora comes with LUKS out of the box. As for wiping the key from RAM, I saw a Perl script that did a full memory overwrite (to defend against cold boot attacks when a proper shutdown was possible) around here somewhere a while back, but I'm having trouble finding it.
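The "unmount and drop the key" idea from the two posts above, written out as a script. This is an added example and not code from anyone in the thread; the device (/dev/sdb1), mapper name (secret) and mount point (/mnt/secret) are assumed names, and the script assumes the data already lives in a LUKS container managed with cryptsetup. It has to run as root, for instance from the alarm system via ssh.

```shell
#!/bin/sh
# panic_close.sh: drop the LUKS volume key for a sensitive volume on demand.
# Added example, not from the thread. DEVICE, MAPPER and MOUNTPOINT are
# assumed names; override them in the environment. DRY_RUN=1 prints each
# step instead of executing it, so the sequence can be reviewed safely.

DEVICE="${DEVICE:-/dev/sdb1}"
MAPPER="${MAPPER:-secret}"
MOUNTPOINT="${MOUNTPOINT:-/mnt/secret}"
DRY_RUN="${DRY_RUN:-0}"
ERASE_HEADER="${ERASE_HEADER:-0}"   # 1 = also destroy all keyslots (irreversible)

run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Returns 0 when every step ran (or, in DRY_RUN, was printed).
panic_close() {
    # 1. Kill everything with files open under the mount; otherwise umount
    #    refuses with "target is busy". fuser exits 1 when nothing matched,
    #    which is fine here.
    run fuser -km "$MOUNTPOINT" || :
    # 2. Flush dirty pages, then detach. -l (lazy) detaches even if a process
    #    that ignored SIGKILL (e.g. stuck in D state) still holds a descriptor.
    run sync
    run umount -l "$MOUNTPOINT"
    # 3. Remove the dm-crypt mapping. This is the step that discards the
    #    volume key from the kernel; --deferred removes the mapping as soon as
    #    the last user lets go instead of failing with "device is busy".
    run cryptsetup close --deferred "$MAPPER"
    # 4. Optional and irreversible without a header backup: wipe every keyslot
    #    in the on-disk LUKS header so the passphrase is useless afterwards.
    if [ "$ERASE_HEADER" = "1" ]; then
        run cryptsetup luksErase --batch-mode "$DEVICE"
    fi
}

# Usage: sh panic_close.sh now   (DRY_RUN=1 sh panic_close.sh now to preview)
if [ "${1:-}" = "now" ]; then
    panic_close
fi
```

Triggered remotely as `ssh root@box 'sh /usr/local/sbin/panic_close.sh now'`, steps 1 to 3 take well under a second, which is the whole point compared with overwriting the disk. Two caveats worth keeping in mind: `cryptsetup close` only zeroes the key held by dm-crypt, it does nothing about copies that may linger in RAM until the machine is powered off (the cold boot problem mentioned above), and `luksErase` with no header backup stored elsewhere turns the volume into permanent noise for you too.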
So we're talking about a situation where
1) you do not have physical access to the computer, and are unable to interfere with the situation personally (maybe due to distance), but do have a remote connection of some kind, and
2) you need to make sure that whoever reaches the computer is unable to retrieve any "important" data from it, even if the whole computer was taken along for a ride
Wiping the data is not an option here, really, because very probably the amount of data is so big that the wiping process is stopped by the person who is aiming to get the data, perhaps by simply pulling a plug. Some of the data might get wiped, but probably most of it wouldn't be, and thus the rest of the data could be restored. If the whole storage media (you'd probably store the important data on a separate storage area, wouldn't you?) was encrypted, you could try to erase the keys and hope the encryption is strong enough to hold so long that when it's finally broken (and it would be one fine day, nothing is unbreakable), it would be of no use. You can't really rely on this one either, if enough interest is put into the matter. Therefore the only solution I see to this problem, perhaps in addition to encryption, is to physically cripple the storage device so that it is not possible to use it anymore. Drilling is found to be an effective way to safely dispose of hard disks, for example (even burning might not destroy them, unless they melt completely), but I assume a small explosive would do the same. It's risky, even when it's small, and it's very probably not legal either in most parts of the world, but it's about the only way you can "instantly" render something useless, by remotely detonating the explosive attached to the media.
Staying with the legal methods, strong encryption and measures taken to prevent people from locating and (if located) accessing the computer physically or through network are the best ways to prevent data loss. Physical access is the worst case, because then the device may be taken off completely and worked on, probably with plenty of time to get around encryptions and whatnot.
Edit: forgot to mention that of course you can call the cops if you find out somebody is stealing from you; with encryption slowing down the data extraction while the robber is being searched for, that should be enough.
The reason I say criminal is the only real-world reasons I can think of to use this approach are:
1) Hide data on YOUR system when the cops take it from you
2) Destroy someone else's data
If the system is at your location, you do it w/ something like DBAN or you use a sledge hammer/drill. If it ISN'T at your location and you own it, then it is not at your location because: a) legally, the cops took it; b) illegally, someone stole it; or c) you want to store it remotely. There are FAR CHEAPER/MORE EFFECTIVE means of keeping someone from stealing your property, and this takes care of b & c (the remote location had better be as secure as any local location). There is NOTHING you can do to keep the cops from taking your property. So, the only one of those scenarios where this would be useful is to destroy your data if the cops take it. If it doesn't belong to you, and you want to destroy it, then that is also illegal.
Forrest
Last edited by forrestt; 09-17-2010 at 10:33 AM.
Reason: changed "FAR CHEAPER" to "FAR CHEAPER/MORE EFFECTIVE"
I'm going to have to +1 the encryption. When used correctly it is very effective.
Just some food for thought:
If you use disks that have already had data on them, make sure you write over the whole disk first with random data before you set up the encrypted partition.
And also, there is always a possibility the keys can be pulled out of RAM while the system is running.
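The pre-fill step recommended above, worked through as an added example (not code from the thread or from any poster). Device, mapper and mount point names are assumptions; the script assumes cryptsetup with LUKS2 support and destroys whatever is on DEVICE.

```shell
#!/bin/sh
# prepare_luks.sh: random-fill a disk, then create and mount a LUKS2 volume on it.
# Added example, not from the thread. DEVICE, MAPPER and MOUNTPOINT are assumed
# names; override them in the environment. Run as root. DRY_RUN=1 only prints
# the steps so the sequence can be checked before pointing it at a real disk.

DEVICE="${DEVICE:-/dev/sdb1}"
MAPPER="${MAPPER:-secret}"
MOUNTPOINT="${MOUNTPOINT:-/mnt/secret}"
DRY_RUN="${DRY_RUN:-0}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Step 1: overwrite the whole device with random data. This removes the old
# plaintext and makes the encrypted area indistinguishable from unused space
# (an otherwise all-zero disk shows an attacker exactly where the secrets are).
# dd finishes by hitting the end of the device and exiting nonzero with
# "No space left on device"; that is the expected way for it to stop here.
prefill_random() {
    run dd if=/dev/urandom of="$DEVICE" bs=4M status=progress || :
    run sync
}

# Step 2: write a LUKS2 header, open the container, make a filesystem, mount it.
# luksFormat still prompts for the passphrase; --batch-mode only skips the
# "are you sure" confirmation, which matters if this runs unattended.
create_volume() {
    run cryptsetup luksFormat --type luks2 --batch-mode "$DEVICE"
    run cryptsetup open "$DEVICE" "$MAPPER"
    run mkfs.ext4 -q "/dev/mapper/$MAPPER"
    run mkdir -p "$MOUNTPOINT"
    run mount "/dev/mapper/$MAPPER" "$MOUNTPOINT"
    # Keep a header backup OFF this machine: a damaged header, or a deliberate
    # luksErase during an incident, otherwise means the data is gone for good.
    run cryptsetup luksHeaderBackup "$DEVICE" --header-backup-file "/root/$MAPPER.luksheader"
}

# Usage: sh prepare_luks.sh now   (DRY_RUN=1 sh prepare_luks.sh now to preview)
if [ "${1:-}" = "now" ]; then
    prefill_random
    create_volume
fi
```

On large disks /dev/urandom is slow; the usual shortcut is to open the raw device as a plain dm-crypt mapping with a throwaway random key (`cryptsetup open --type plain --key-file /dev/urandom "$DEVICE" wipe`), write /dev/zero into /dev/mapper/wipe, and close it, so the AES output becomes the random fill. The `luksHeaderBackup` step is the one people skip and regret.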
Quote:
Originally Posted by forrestt
There is NOTHING you can do to keep the cops from taking your property.
I'm assuming that you are only applying that statement to US residents?