I have a server I plan to unplug or restore. But I would like to "wipe" the info on it before I tell the ISP to resell it. Just in case, say, they stick the hard drive on a shelf somewhere and down the road someone may get some info off of it. Unlikely but....
I was planning on removing the mail folders and possibly the vhosts (apache virtual hosts) folder & removing the users.
But I wanted to ask here if there are any other ideas of what else I should remove just to be on the safe side?
Also is there a better way to remove files on a drive besides rm -rf in this type of case when you really want no trace left?
shred might do it
as root
[code]
cd /to/the/mail/folder
shred -f -n 1 -zu *
[/code]
there also is "srm" but you will need to install that
srm will remove folders, but has a bug: on some files it will just keep writing until the disk is full and not remove the file (mostly on text files - like README and FOR SURE MS 'thumb.db' files)
dd can fill up unused space (this might do it ???? not sure - from memory)
[code]
dd if=/dev/urandom of=/OneBigFile.bin
[/code]
Cool, I'm going to read up a bit about `shred`; this sounds like the way to go.
srm sounds like problems. I'll skip that one.
And your last suggestion: why would I want to fill up space with dd?
If I am returning a machine (leased) I scrub the whole disk(s). Their problem to rebuild it if needed, not mine.
If I wanted to do something like you, I'd delete all the data I cared about, back it up, scrub the disk(s) and restore everything (remaining) using filesystem level tools (rsync, cp, ...). That way no edit recovery data, no journal data, no nothin gets left behind.
Could be difficult to achieve on a (remote) hosted machine - more so if virtualized.
- How would you "scrub the disk(s)"? simply delete? reformat?
- And this is a remote machine.
I would like to reformat the whole disk but I don't know about doing this remotely.
Thanks. But since this is a rented server I can't put a dban disk in as I'm in California and the server is in Texas. And if I dd'd the whole disk I obviously would not have a shell to do so on without a live cd or other means.
The easiest way is first use 'rm' to remove all files you don't want, then run this:
Code:
dd if=/dev/zero bs=4M of=file; rm -f file
That will overwrite any deleted files with zeroes.
Also, don't bother using urandom or rand or random, unless you're extremely paranoid and have time to waste. There have been no documented cases of data ever being recovered after a drive is zeroed, and no realistic methods to do so, and no sound theory that it is actually possible to do so with any degree of accuracy.
If you are really paranoid, you could do this repeatedly, or use the shred program on this new file. However shred may not work if the filesystem uses journaling. A larger block size would be faster. You will need to divide the size of `count' by the same factor you multiply the block size. I simply used the same block size as the df command.
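Added example (not code from any poster in this thread): the free-space fill described above, written as a POSIX shell function that also flushes the zeroes to disk with `sync` before deleting the fill file, so they are not simply dropped from the page cache. The function name `zero_fill_free`, the `.zerofill.$$` file name and the optional `MAX_MIB` rehearsal cap are assumptions introduced here.

```shell
#!/bin/sh
# zero_fill_free DIR [MAX_MIB]
#   Overwrites the free space of the filesystem that holds DIR with zeroes,
#   then deletes the fill file. Prints the number of bytes written.
#   MAX_MIB (assumption, for a dry run) caps the write; omit it to fill
#   until the filesystem reports "no space left".
# The body runs in a subshell so the traps do not leak into the caller.
zero_fill_free() (
    dir=${1:?usage: zero_fill_free DIR [MAX_MIB]}
    max_mib=${2:-}
    fill="$dir/.zerofill.$$"

    # Never leave a disk-filling file behind if the run is interrupted.
    trap 'rm -f "$fill"' EXIT
    trap 'exit 130' INT TERM

    if [ -n "$max_mib" ]; then
        dd if=/dev/zero of="$fill" bs=1M count="$max_mib" 2>/dev/null || exit 1
    else
        # dd exits non-zero once the filesystem is full; that is the goal.
        dd if=/dev/zero of="$fill" bs=4M 2>/dev/null || true
    fi
    [ -f "$fill" ] || exit 1

    # Flush before deleting: blocks still waiting in the page cache would
    # otherwise be discarded by rm without ever reaching the disk.
    sync
    bytes=$(wc -c < "$fill")
    rm -f "$fill"
    sync
    echo $bytes
)
```

A free-space fill does not touch file names left in directory entries, journal contents, or the slack at the end of partially used blocks. Run it as root if the filesystem reserves blocks for root, otherwise those blocks are never written.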
Before you go - I'd like to append to the dd thing. The most efficient way to clear a disk is to boot a live environment of some kind and `dd if=/dev/zero of=/dev/sda`, replacing sda with the disk (not the partition) you want wiped. This will set absolutely every byte on the drive to zero, and unless you are attempting to sabotage the US government, I don't think there's any reason to believe you'll need more than that.
If you read the whole thread you would know this is a leased server. So there is no way I could boot a live cd. And I understand what the commands do, thanks for the reiteration. And finally if this were "sabotage" I think I would "need more than that"!