Disk over writing software

Important: Don't use any programs related to security, which are not widely known. Don't use any programs related to security, for which there is no source code publicly available. Especially forget GUI programs, as they tend to subsbreastute security by comfort.

There is a (not so) little command line program especially designed for this purpose. It's called 'shred' and is preinstalled on almost any non-Windows system. Its main intention is to wipe out entire data storage devices. By default it overwrites the device 25 times, which should be enough to make data effectively physically unrecoverable. If you believe that this is not enough, you may increase this amount. But be prepared to wait quite a while for it to finish.

To make data unrecoverable on magnetic storage, it's not enough to overwrite it with purely random data (e.g.dev-urandom output). This does not only take forever, it's not even secure. Shred uses special patterns to overwrite the storage. By calling it with the -v option, you can see those patterns.

If you want to securely delete your entiredev-hda, it's enough to type:

# shreddev-hda

To overwrite 45 times instead of 25, do this:

Ethernet Driver Question
On 22 Mar 2006, in the Usenet newsgroup comp.os.linux.misc, in article Not only will Knoppix won't detect it...

# shred -n45dev-hda

Making data unrecoverable is not enough in all cases. Sometimes it's good to make the hard-disk look like it never had any previous filesystem, which might be interesting. You may want to add a final overwrite with zeros. You can do this with the -z option:

# shred -zdev-hda

This is intended to trick people inspecting your hard-disk. But personally I would clbuttify a hard-disk filled with zeros as very suspicious. Don't do this. Instead, read on.

After the shred command returns, I really recommend creating a new parbreastion table and install a fresh operating system. This confuses possible attackers, as they expected an 'empty' hard-disk.

Sometimes you even need to be more smart. Sometimes it isn't even good enough to make the hard-disk look innocuous. If you really want to trick most people, then I would even create an encrypted filesystem with some random key, and fill it with one large file generated bydev-zero ordev-urandom (which one really doesn't matter for an encrypted filesystem -- usedev-zero, it's a lot faster).

Ankit Fadia : The real picture
Dear All, Yesterday (03-04-2006)I attended a seminar by a so-called "Hacking Guru" Ankit Fadia, at DAVV, Indore (MP) auditorium. I just want to...

An attacker will find that encrypted filesystem and try to break the encryption, possibly making the 'real' data harder to recover with each try.

Regards.

List | Previous | Next

Ethernet Driver Question

Linux groups from Newsgroups

The #1 Usenet Provider on the Internet

Sound Problems with Suse 10

PLEX86 x86- Virtual Machine (VM) Program


	Plex86 \| CVS \| Mailing List \| Download \| Linux \| Newsgroups

		Disk over writing software Important: Don't use any programs related to security, which are not widely known. Don't use any programs related to security, for which there is no source code publicly available. Especially forget GUI programs, as they tend to subsbreastute security by comfort. There is a (not so) little command line program especially designed for this purpose. It's called 'shred' and is preinstalled on almost any non-Windows system. Its main intention is to wipe out entire data storage devices. By default it overwrites the device 25 times, which should be enough to make data effectively physically unrecoverable. If you believe that this is not enough, you may increase this amount. But be prepared to wait quite a while for it to finish. To make data unrecoverable on magnetic storage, it's not enough to overwrite it with purely random data (e.g.dev-urandom output). This does not only take forever, it's not even secure. Shred uses special patterns to overwrite the storage. By calling it with the -v option, you can see those patterns. If you want to securely delete your entiredev-hda, it's enough to type: # shreddev-hda To overwrite 45 times instead of 25, do this: Ethernet Driver Question On 22 Mar 2006, in the Usenet newsgroup comp.os.linux.misc, in article Not only will Knoppix won't detect it... # shred -n45dev-hda Making data unrecoverable is not enough in all cases. Sometimes it's good to make the hard-disk look like it never had any previous filesystem, which might be interesting. You may want to add a final overwrite with zeros. You can do this with the -z option: # shred -zdev-hda This is intended to trick people inspecting your hard-disk. But personally I would clbuttify a hard-disk filled with zeros as very suspicious. Don't do this. Instead, read on. After the shred command returns, I really recommend creating a new parbreastion table and install a fresh operating system. This confuses possible attackers, as they expected an 'empty' hard-disk. Sometimes you even need to be more smart. Sometimes it isn't even good enough to make the hard-disk look innocuous. If you really want to trick most people, then I would even create an encrypted filesystem with some random key, and fill it with one large file generated bydev-zero ordev-urandom (which one really doesn't matter for an encrypted filesystem -- usedev-zero, it's a lot faster). Ankit Fadia : The real picture Dear All, Yesterday (03-04-2006)I attended a seminar by a so-called "Hacking Guru" Ankit Fadia, at DAVV, Indore (MP) auditorium. I just want to... An attacker will find that encrypted filesystem and try to break the encryption, possibly making the 'real' data harder to recover with each try. Regards. List \| Previous \| Next



		Ethernet Driver Question Linux groups from Newsgroups The #1 Usenet Provider on the Internet Sound Problems with Suse 10