9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
help me (1 Reply)
Discussion started by: sonu pandey
1 Replies
2. Solaris
SOLARIS 9 Zone :
date command in crontab shows delayed(One Hour) output
Hi folks,
the date command shows the correct date and time, How ever, if the date command executed through crontab in any form of scrip the output shows as one hour delayed, similar to date -u..
Can some one help in... (12 Replies)
Discussion started by: judi
12 Replies
3. UNIX for Dummies Questions & Answers
Hi all,
I've been working on a script to run a disk wipe (using Jim Garlick's scrub tool) on the filesystem in Xerox production printer RIPs.
Easy enough if there's just one partition, but I need to cater for the possibility of multiple drives/partitions, and either ZFS or UFS (don't know if... (2 Replies)
Discussion started by: DavidDawesFXA
2 Replies
4. Shell Programming and Scripting
I have a file that looks like:
file1:
www_blank_com 20121008153552
www_blank_com 20121008162542
www_blank_com 20121009040540
www_blank_com 20121009041542
www_blank_com 20121010113548
www_blank_com 20121011113551
www_blank_com 20121012113542
I want the new file to show the day of... (3 Replies)
Discussion started by: castrojc
3 Replies
5. Solaris
Hi,
I've gone around with this on Oracle's site (and tech support) and ended up empty handed and without ideas of what to do to fix the problem.
Background:
V245, Solaris 10, has 2 12-disk infortrend RAIDs attached.
Have replaced faulty disks many times - familiar with the routine. However,... (5 Replies)
Discussion started by: jdigjudy
5 Replies
6. Hardware
Here is the error showing in the XCSF, can anyone recommend further diagnosis for this specific error?;
XSCF> showhardconf
SPARC Enterprise M3000;
+ Serial:PX61142029; Operator_Panel_Switch:Locked;
+ Power_Supply_System:Single; SCF-ID:XSCF#0;
+ System_Power:On;... (4 Replies)
Discussion started by: Touchpoint
4 Replies
7. Solaris
# zpool status -v
pool: pool1
state: ONLINE
status: One or more devices has experienced an error resulting in data
corruption. Applications may be affected.
action: Restore the file in question if possible. Otherwise restore the
entire pool from backup.
see:... (0 Replies)
Discussion started by: beginner
0 Replies
8. UNIX for Dummies Questions & Answers
Hello,
I am trying to show today's date and time in a better format than ‘date' (Using positional parameters). I found a command mktime and am wondering if this is the best command to use or will this also show me the time elapse since 1/30/70? Any help would be greatly appreciated, Thanks... (3 Replies)
Discussion started by: citizencro
3 Replies
9. SCO
when I do a tape status /dev/rStp0 I get the following on a new tape and I have tried several:
Status : ready beginning-of-tape
soft errors : 0
hard errors: 2
underruns: 5
My BackupEdge has stopped backing up my system because it asks for a new volume yet my total system data is under 20... (5 Replies)
Discussion started by: psytropic
5 Replies
scrub(1) scrub scrub(1)
NAME
scrub - write patterns on disk/file
SYNOPSIS
scrub [OPTIONS] special-file
scrub [OPTIONS] file
scrub -X [OPTIONS] directory
DESCRIPTION
Scrub iteratively writes patterns on files or disk devices to make retrieving the data more difficult. Scrub operates in one of three
modes:
1) The special file corresponding to an entire disk is scrubbed and all data on it is destroyed. This mode is selected if file is a char-
acter or block special file. This is the most effective method.
2) A regular file is scrubbed and only the data in the file (and optionally its name in the directory entry) is destroyed. The file size
is rounded up to fill out the last file system block. This mode is selected if file is a regular file. See CAVEATS below.
3) directory is created and filled with files until the file system is full, then the files are scrubbed as in 2). This mode is selected
with the -X option. See CAVEATS below.
OPTIONS
Scrub accepts the following options:
-v, --version
Print scrub version and exit.
-r, --remove
Remove the file after scrubbing.
-p, --pattern PATTERN
Select the patterns to write. See SCRUB METHODS below. The default, nnsa, is reasonable for sanitizing modern PRML/EPRML encoded
disk devices.
-b, --blocksize blocksize
Perform read(2) and write(2) calls using the specified blocksize (in bytes). K, M, or G may be appended to the number to change the
units to KiBytes, MiBytes, or GiBytes, respectively. Default: 1M.
-f, --force
Scrub even if target contains signature indicating it has already been scrubbed.
-S, --no-signature
Do not write scrub signature. Later, scrub will not be able to ascertain if the disk has already been scrubbed.
-X, --freespace
Create specified directory and fill it with files until write returns ENOSPC (file system full), then scrub the files as usual. The
size of each file can be set with -s, otherwise it will be the maximum file size creatable given the user's file size limit or 1g if
umlimited.
-D, --dirent newname
After scrubbing the file, scrub its name in the directory entry, then rename it to the new name. The scrub patterns used on the
directory entry are constrained by the operating system and thus are not compliant with cited standards.
-s, --device-size size
Override the device size (in bytes). Without this option, scrub determines media capacity using OS-specific ioctl(2) calls. K, M,
or G may be appended to the number to change the units to KiBytes, MiBytes, or GiBytes, respectively.
-L, --no-link
If file is a symbolic link, do not scrub the link target. Do remove it, however, if --remove is specified.
-h, --help
Print a summary of command line options on stderr.
SCRUB METHODS
nnsa 4-pass NNSA Policy Letter NAP-14.1-C (XVI-8) for sanitizing Removable and non-removable hard disks, which requires overwriting all
locations with a pseudorandom pattern twice and then with a known pattern: random(x2), 0x00, verify.
dod 4-pass DoD 5220.22-M section 8-306 procedure (d) for sanitizing removable and non-removable rigid disks which requires overwriting
all addressable locations with a character, its complement, a random character, then verify. NOTE: scrub performs the random pass
first to make verification easier: random, 0x00, 0xff, verify.
bsi 9-pass method recommended by the German Center of Security in Information Technologies (http://www.bsi.bund.de): 0xff, 0xfe, 0xfd,
0xfb, 0xf7, 0xef, 0xdf, 0xbf, 0x7f.
gutmann
The canonical 35-pass sequence described in Gutmann's paper cited below.
schneier
7-pass method described by Bruce Schneier in "Applied Cryptography" (1996): 0x00, 0xff, random(x5)
pfitzner7
Roy Pfitzner's 7-random-pass method: random(x7).
pfitzner33
Roy Pfitzner's 33-random-pass method: random(x33).
usarmy US Army AR380-19 method: 0x00, 0xff, random. (Note: identical to DoD 522.22-M section 8-306 procedure (e) for sanitizing magnetic
core memory).
fillzero
1-pass pattern: 0x00.
fillff 1-pass pattern: 0xff.
random 1-pass pattern: random(x1).
random2
2-pass pattern: random(x2).
old 6-pass pre-version 1.7 scrub method: 0x00, 0xff, 0xaa, 0x00, 0x55, verify.
fastold
5-pass pattern: 0x00, 0xff, 0xaa, 0x55, verify.
CAVEATS
Scrub may be insufficient to thwart heroic efforts to recover data in an appropriately equipped lab. If you need this level of protection,
physical destruction is your best bet.
The effectiveness of scrubbing regular files through a file system will be limited by the OS and file system. File systems that are known
to be problematic are journaled, log structured, copy-on-write, versioned, and network file systems. If in doubt, scrub the raw disk
device.
Scrubbing free blocks in a file system with the -X method is subject to the same caveats as scrubbing regular files, and in addition, is
only useful to the extent the file system allows you to reallocate the target blocks as data blocks in a new file. If in doubt, scrub the
raw disk device.
On MacOS X HFS file system, scrub attempts to overwrite a file's resource fork if it exists. Although MacOS X claims it will support addi-
tional named forks in the future, scrub is only aware of the traditional data and resource forks.
scrub cannot access disk blocks that have been spared out by the disk controller. For SATA/PATA drives, the ATA "security erase" command
built into the drive controller can do this. Similarly, the ATA "enahanced security erase" can erase data on track edges and between
tracks. The DOS utility HDDERASE from from the UCSD Center for Magnetic Recording Research can issue these commands, as can modern ver-
sions of Linux hdparm. Unfortunately, the analagous SCSI command is optional according to T-10, and not widely implemented.
AUTHOR
Jim Garlick <garlick@llnl.gov>
This work was produced at the University of California, Lawrence Livermore National Laboratory under Contract No. W-7405-ENG-48 with the
DOE. Designated UCRL-CODE-2003-006, scrub is licensed under terms of the GNU General Public License.
SEE ALSO
DoD 5220.22-M, "National Industrial Security Program Operating Manual", Chapter 8, 01/1995.
NNSA Policy Letter: NAP-14.1-C, "Clearing, Sanitizing, and Destroying Information System Storage Media, Memory Devices, and other Related
Hardware", 05-02-08, page XVI-8.
"Secure Deletion of Data from Magnetic and Solid-State Memory", by Peter Gutmann, Sixth USENIX Security Symposium, San Jose, CA, July
22-25, 1996.
"Gutmann Method", Wikipedia, http://en.wikipedia.org/wiki/Gutmann_method.
Darik's boot and Nuke FAQ: http://dban.sourceforge.net/faq/index.html
"Tutorial on Disk Drive Data Sanitization", by Gordon Hugues and Tom Coughlin,
http://cmrr.ucsd.edu/people/Hughes/DataSanitizationTutorial.pdf.
"Guidelines for Media Sanitization", NIST special publication 800-88, Kissel et al, September, 2006.
shred(1), hdparm(8)
scrub-2.4.1 2011-08-29 scrub(1)