Other *NIX
This forum is for the discussion of any UNIX platform that does not have its own forum. Examples would include HP-UX, IRIX, Darwin, Tru64 and OS X.
You could boot from a livecd and then dd /dev/zero the whole of the disk.
Within our company the policy is to have the drives physically destroyed after use, basically a company turns up with a van and shreds the HD on-site.
The whole "must over-write X times with zeros or random values" thing is pretty sensationalist, once with 0's is enough to deter anyone except those with access to tunnelling electron microscopes to try and reconstruct data.
On a couple of occasions I've just used mkfs.ntfs. Unless you force a quick format, it'll zero out every block after formatting the metadata.
Nice and convenient, but no quicker.
EDIT: just noticed this is under "other *NIX" - I've only done this in Linux.
I will boot the server through a CD Image and write zeros on the whole disk.
However, I have a question (that may sound silly). Isn't it possible to write the data directly from the operating system shell? I understand that the command may not return back to prompt, as there won't be a tty to display the output.
But would the following code run from memory and write zeros on all of the disk's sectors (or) would it stop as soon as it replaces the data block that contains /dev/zero?
Quote:
The whole "must over-write X times with zeros or random values" thing is pretty sensationalist, once with 0's is enough to deter anyone except those with access to tunnelling electron microscopes to try and reconstruct data.
While, generally, I agree with that
If someone has written a procedure, I'll probably follow it (before I tell them that I think they've done it wrong...but that's just me)
If I wanted to select something that I thought was pretty bulletproof, I'd do a pass of zeroes, a pass of ones, and then random data - even if you could recover anything through the random data, it would probably only be either the ones or the zeroes written from the first two passes, or, at least it would be almost impossible to prove that it wasn't (hence, having put any variation on the data in the first two passes)
I'm not sure that you can recover anything useful from the data after a couple of passes - you know, the information that the previous user had used at least one 'zero' isn't going to get you anywhere, you'd need to get much, much, more to do anything useful with it
DBAN, or something; using a live CD(/DVD) allows you to 'nuke' the OS.
Normally, people don't scramble the partition table, and I don't know why; it takes little time, and unless you can get the partition table back, it's going to be difficult to put any context to your data
I'm not sure that a tunnelling electron microscope actually helps...at least the micrographs I've seen didn't help me
While there are people who will tell you that 26 passes are actually necessary, I don't believe it. On the other hand, that's probably just 26 overnight sessions, and that doesn't really cost anything, except a month of elapsed time
If you are a three letter agency, you'll want the full professional job, no question, and I wouldn't blame you. The 'costs' of getting this wrong are potentially immense
Hi all,
I have a task to wipe out all the data in a server that is about to be de-commissioned. I came up with the idea of
* identifying the Volume group information from bdf output
* Use vgdisplay -v to find out disks under root volume group
* Use 'dd' command to wipe out the information on the disks (nohup dd if=/dev/zero of=/dev/rdsk/${DISK} bs=8192k &)
Would like to take advice as to, is this a right approach or are there any better methods to achieve this task?
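An added example, not part of the original post: the `dd` zero pass from the steps above, followed by a read-back check that no non-zero byte remains. The function names are hypothetical, and the device branch assumes a `dd` that stops at the end of the device; rehearse it on a scratch image file first.

```shell
#!/bin/sh
# Added example (not from the thread): one zero pass, then a read-back check.
# Function names are hypothetical. Rehearse on an image file before a device.

BLK=65536   # write block size in bytes

# zero_fill TARGET: overwrite TARGET with 0x00 bytes.
zero_fill() {
    target=$1
    if [ -f "$target" ]; then
        # Regular file (rehearsal image): overwrite exactly its current
        # length; conv=notrunc keeps dd from truncating the file first.
        size=$(wc -c < "$target")
        full=$((size / BLK))
        rest=$((size % BLK))
        dd if=/dev/zero of="$target" bs="$BLK" count="$full" \
            conv=notrunc 2>/dev/null || return 1
        if [ "$rest" -gt 0 ]; then
            # bs=1 makes seek count in bytes, so this writes the tail.
            dd if=/dev/zero of="$target" bs=1 count="$rest" \
                seek=$((full * BLK)) conv=notrunc 2>/dev/null || return 1
        fi
    else
        # Device node: dd runs until the device is full and then exits
        # non-zero with "no space left", which is the expected end here.
        dd if=/dev/zero of="$target" bs="$BLK" 2>/dev/null || true
    fi
    sync
}

# nonzero_bytes TARGET: print how many bytes of TARGET are not 0x00.
nonzero_bytes() {
    # Delete every NUL byte and count what survives; 0 means fully zeroed.
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# wipe_and_verify TARGET: succeed only if the read-back finds no data left.
wipe_and_verify() {
    zero_fill "$1" || return 1
    left=$(nonzero_bytes "$1")
    echo "$1: $left non-zero bytes after wipe"
    [ "$left" -eq 0 ]
}
```

A clean read-back only covers the blocks the operating system can address, so it says nothing about areas outside the user-accessible range.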
While I agree in principle to the suggestions offered previously, I don't know if it's what I'd use. You just say "decommissioned"...but don't say if you're SELLING the server(s) to someone else (another company/private buyer), or if you're re-deploying them elsewhere at your company. So if you're keeping them in your company, then any of the suggestions here work fine.
If you're SELLING them, I'd settle for nothing short of a sledgehammer and pound the hard drives into scrap. Anyone who buys them *COULD* (theoretically) still read the data from the drives...government agencies just have an easier time of it. You CAN recover good bits of data, even with the ones/zeros method. DBAN is MUCH harder, but experienced data forensics people can recover data. It's expensive, and the results may be hit or miss, but it can be done. It may sound paranoid, but you have NO IDEA what someone else will do, and if it's your company's data/client records, do you really want to take the chance?
A sledgehammer is worse than zeroing the drive, because you can still recover info from the pieces. A PRNG that is not cryptographically secure is no better than zeroing the drive. If the data is "top secret" then use a cryptographic PRNG that is well seeded or encrypt the drive.
Quote:
A sledgehammer is worse than zeroing the drive, because you can still recover info from the pieces. A PRNG that is not cryptographically secure is no better than zeroing the drive. If the data is "top secret" then use a cryptographic PRNG that is well seeded or encrypt the drive.
Really?? Mind telling us how, exactly, you can recover data from PIECES of a hard drive? Especially since the coating on the platters will flake into particles about the size of grains of sand?
Let's say we currently have 100 GB / square inch, that equals about 0.15 GB / square mm, about a grain of sand or salt. So that grain of sand could contain a lot of data.
Oh, and if you can turn a HDD into sand using a sledgehammer, please do post a video of it on youtube as that would be entertaining.
Last edited by metaschima; 02-12-2014 at 04:14 PM.
The data density for HDDs is quite high, and please don't tell me that a sledgehammer will turn a HDD into sand
No, but please DO read what was actually said. I said the COATING will flake off into bits as fine as a grain of sand. Since the coating = what holds the data, how, exactly, do you read data from it???
Quote:
NOTE: values are in gigabits. Let's say we currently have 100 GB / square inch, that equals about 0.15 GB / square mm, about a grain of sand or salt. So that grain of sand could contain a lot of data.
Right...and we're back to "tell us how you READ THE DATA FROM IT in that state???"
Quote:
Oh, and if you can turn a HDD into sand using a sledgehammer, please do post a video of it on youtube as that would be entertaining.
I would not be able to read data from HDD scraps, but using a microscope and sophisticated methods, one might be able to, just like one is able to see individual bits on a HDD platter. Of course, I'm referring to three letter agencies and not the layman, who would not have access to such methods.
I sense you are angry, maybe you should go out and pulverize a HDD to let off some steam. As for me, I've said what I wanted to say, and I'll go off to another thread.
Quote:
I would not be able to read data from HDD scraps, but using a microscope and sophisticated methods, one might be able to, just like one is able to see individual bits on a HDD platter. Of course, I'm referring to three letter agencies and not the layman, who would not have access to such methods.
I sense you are angry, maybe you should go out and pulverize a HDD to let off some steam. As for me, I've said what I wanted to say, and I'll go off to another thread.
Uhh, sorry....you're wrong. There is NOT a microscope that can view magnetic fields. HDD platters use magnetic principles to store data. You can't 'view' them.
And not angry a bit...but if you want to advocate against something, you should have proof of what you say. You don't.
Thanks Everyone for participating and providing valuable insight.
I will take the suggestion to wipe out the hard disk as well as attempt to physically destroy them, if they are not going to be used in the same environment further.
As for those disks which will be re-purposed in the same environment, I will go with zero-ing the whole disk (and fill it with random numbers).
There is some work on this subject that you should read:
At cmrr.ecu.edu, there is a Data Sanitization Tutorial (pdf). Amongst the highlights is a discussion of how some techniques of forensics and some of data destruction have become impractical over time and a discussion of various legal requirements and penalties that might exist under the different (US) applicable laws. This might concentrate the attention, in some circumstances.
One particular issue that is easy to overlook is that of unused blocks in circumstances in which user accessible blocks are lower than native. In some cases, you might not be that worried about ancient data escaping the erasure process, but you probably shouldn't be that lax.
There is also a discussion at SANS of the different microscopic techniques that can be used (and again, how progress has made this more difficult).