Destroy data

 
SOLVED
Go to solution
renarios
Trusted Contributor

Destroy data

Hi all,

I have a few old HP-UX boxes with loads of data which I like to sanitize.
My question is: What can I do best:
umount the mountpoints, lvreduce -m0 ..., lvrmeove, vgremove and then sanitze with dd or can I umount, vgexport the VG and sanitize with dd.

Greets,
Renarios
Nothing is more successfull as failure
10 REPLIES 10
James R. Ferguson
Acclaimed Contributor
Solution

Re: Destroy data

Hi Renarios:

> umount, vgexport the VG and sanitize with dd.

This will be quite appropriate.

Regards!

...JRF...

Michal Kapalka (mikap)
Honored Contributor

Re: Destroy data

hi,

its depend if you like the disk use again,

if not you could use also physical damage on the disks.

PS : i think if you use pvcreate -f on your disk it could be enough.

mikap
Doug O'Leary
Honored Contributor

Re: Destroy data

Hey;

Realize that you can still retrieve information from a disk after just about anything you can do to it - short of meling it down.

If you have legal requirements to ensure the data is irretrievable, you're pretty much stuck with finding someone to give it an acid bath or melt it down. Other than that, a few dd runs with alternating 0s and 1s should do the trick.

Doug

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
renarios
Trusted Contributor

Re: Destroy data

Allright, so vgexport is the best option. Thanks!
I already created that a loop that alternately does a dd if=/dev/null and /dev/zero for a couple of times, so I hope that does the trick.

Cheers,

Renarios
Nothing is more successfull as failure
James R. Ferguson
Acclaimed Contributor

Re: Destroy data

Hi (again) Renarios:

> I already created that a loop that alternately does a dd if=/dev/null and /dev/zero for a couple of times,

Using '/dev/null' will do nothing. You can most certainly use '/dev/zero' or for random patterns (slower) use '/dev/urandom':

# dd if=/dev/urandom of=dev/rdsk/CxtYdZ bs=1024k

Note the use of the raw disk device to circumvent the LVM layer and buffer cache. Note, too, the use of a large blocksize for fast I/O.

As Doug noted, "sanitization" really is a relative term, but for general purposes, a few passes with 'dd' is probably reasonable.

Regards!

...JRF...
renarios
Trusted Contributor

Re: Destroy data

Hi James,

Thanks for the input. RandomNumGen wasn't installed on the boxes yet. I installed it, so let's test it!

Cheers,
Renarios
Nothing is more successfull as failure
renarios
Trusted Contributor

Re: Destroy data

vgexport is the best method.
Nothing is more successfull as failure
Stan Sieler
Respected Contributor

Re: Destroy data

We have a tool that wipes disk drives to HIPAA standards, or U.S Department of Defense standards, on HP-UX systems (and MPE systems). It's called WipeDisk/UX.

http://www.allegro.com/?page_id=419

(We support other multi-pass erasure standards, but find that most people seem to be interested in either HIPAA or single-pass erasure.)
renarios
Trusted Contributor

Re: Destroy data

Hi Stan,

Thanks for your reply, but I've already done the trick. Disks are clean after being rewritten with /dev/urandom information for forty times.
It would be a good alternative for the next time though!

Cheers,

Renarios
Nothing is more successfull as failure