Filesystems, Disks and Memory

I belong on the 'UNIX for Dummies Questions' forum but I need to delete information on a sensitive SUN box. The company is going to use the box for a web server and I need to have the hard drives Completely clean!!!

One of the bosses 'friends' through out the term 13th level. And now it's the coin phrase of the day!!

Any clue what it means but more important, how do I clean the disks?

Thanks,
Lenny

You could try just using "rm", then fdisk'ing the drive and creating a new partition. That will keep all but the most determined (and well-funded) hackers out.

Also check out http://freshmeat.net/projects/securedelete/?topic_id=43

Not sure if it will do a 13x overwrite, but if you really needed DoD grade file-wipes, you probably wouldn't be asking here.

Something my instructor had us do in HPUX class a few years ago works too.

Create a tar file and write the output to a disk device. This should destroy any data that was there. Also, if you system has a /dev/zero file. You can write zeroes to the disk as well.

Like PxT said, as long as the disk is in a "secure" site you shouldn't have to worry too much.

BTW, that reference to 13th level is referring to the 13th level of hell, reserved for the most deserving of all evil creatures and persons!

Thanks for your help.

I'd like to use the sledgehammer format but can't!!!

Thanks again,
Lenny

Maybe use /dev/random or /dev/urandom?
I have never tried this, but does anyone know if you can simply do something like this:

Code:

#!/bin/sh
n=12
while [ $n -gt 0 ]; do
dd if=/dev/urandom of=/dev/(hard drive device you want dead)
n=`expr $n - 1`
done
cat /dev/zero > /dev/(hard drive device you want dead)

I know it would be taxing on the disk, and possibly the entire system, but for curiosity sake, would it work?

I am not sure of what urandom is, so I must pass on that. Using dd to copy /dev/zero to a disk special file will work in all cases if you use the default block sizes as you are doing.

You don't specify whether you are using a block special file or a character special file to access the disk. That cat would be expensive but would work if you use a block special file.

It is not guaranteed to work if you use a character special file, but it might depending on the disk driver, the disk hardware, and block size used for physical writes by the cat command. A raw disk device requires i/o to be aligned on a DEV_BSIZE boundary. But it's not guaranteed to fail if you don't do that.

The second smartest way to do this would be to use dd to copy /dev/zero to the raw device but using a very large block size that is a multiple of DEV_BSIZE.

But HP-UX has mediainit and SunOS has format. Instead of zeros on every pass, they use various patterns chosen by hardware experts to really test the disk. If you need more security than that, you need to use sledge hammers and blow torches.

Ahh...
/dev/urandom is kind of an "enhanced" random... faster and more "random" than /dev/random is...

It very well may be a Linux specific device then (maybe BSD too...).

Also, as a sidenote, the OP could look for a utility like wipe, which will run against a raw device (and is free too).

And now that I think about it, if you're going to use it as a web server and don't want any sensitive recoverable data on it, just zero'ing out the disk should be fine. Any more sophisticated recovery than that would require physical access to the platter, right?