
DD for disk wiping

 
Brandilyn Carpenter
Occasional Contributor

DD for disk wiping

I would like to use the "dd" command to overwrite sensitive disks (per company policy) with 3 separate passes.

I would like to know how the "if=" option works. How can I create a small file that will overwrite an entire disk?

Regards
Brandilyn
12 REPLIES
harry d brown jr
Honored Contributor

Re: DD for disk wiping



Use


dd if=/dev/zero of=/dev/dsk/whatever bs=blksize count=#ofblks


live free or die
harry
Live Free or Die
S.K. Chan
Honored Contributor

Re: DD for disk wiping

You would do this ..
# mknod /dev/zero c 3 0x000003
==> create a pseudo driver
# dd if=/dev/zero of=/dev/rdsk/c2t2d0
==> will overwrite everything in c2t2d0

harry d brown jr
Honored Contributor

Re: DD for disk wiping

Of course mediainit will work also.

live free or die
harry
Live Free or Die
Brandilyn Carpenter
Occasional Contributor

Re: DD for disk wiping

Company policy requires that all disks be overwritten with patterns of characters (eg 1's and 0's) with three passes.

Mediainit, I heard, can leave data and junk behind.
Bill McNAMARA_1
Honored Contributor

Re: DD for disk wiping

For the really security conscious, I saw a funny story on Slashdot yesterday about LEDs..

Apparently you can detect and reassemble data from LED watching, i.e. the LEDs that exist on LAN cards and disks to indicate data traffic.

That's kind of cool!

Re this problem, the dev zero way will do the trick, but so will a massive magnet passed over the disk too...

Later,
Bill
It works for me (tm)
Ralph Grothe
Honored Contributor

Re: DD for disk wiping

Bill,

the LED thing is really mind boggling.
On German television we have a show called "Wetten Dass" (i.e. loosely translated "bet that"), where all kinds of geeks perform the most obscure bets.
I can remember some years ago there were two pupils having the bet that they could identify out of some 500 CD recordings the title of a song by only watching the flickering of the LEDs of the music device, and they did it (I think it was 6 titles drawn randomly from the lot).

Now this came to my mind when I read your reply.
I bet they would also tell what is read from your hard disk ;-)


Madness, thy name is system administration
Ian Dennison_1
Honored Contributor

Re: DD for disk wiping

If you want security,...

I worked for Defence and the Army brought in some classified data on a disk to be wiped. We passed over a magnet a couple of times, and they said 'Not good enough'.

In the end, we cracked the hard-drive open, and blow-torched the physical media into a puddle (in a well ventilated area, of course).

If security is your requirement, then why not try total destruction of the media? Maybe some document destruction companies specialise in this sort of removal?

Share and Enjoy! Ian
Building a dumber user
harry d brown jr
Honored Contributor

Re: DD for disk wiping

Brandilyn,

If your company requires writing character patterns of 0's and 1's, meaning the ascii character 0 (zero - 0x30 - 00110000) and the ascii character 1 (one - 0x31 - 00110001), then your policy needs to change to Hex 00's (00000000) and Hex FF's (11111111), or some folded character like 0xAA and 0x55 - which 0xAA=10101010 and 0x55=01010101.

What's your company's policy on computer tapes? You should use bulk head erasers (big strong electro-magnets), then fast-forward the tape, erase it again, and then shred and burn the tape.


live free or die
harry
Live Free or Die
Frank Slootweg
Honored Contributor

Re: DD for disk wiping

> Company policy requires that all disks be overwritten with patterns of characters (eg 1's and 0's) with three passes.

See the yes(1) command. Yes, yes is a command! :-)

With yes(1) and echo(1) you can generate any pattern.

yes(1) also generates line-feeds, so if you do not want those, you should strip them.

A simple example, generating all-ones characters (and sending the data to a file and limiting the size):

yes `echo '\0377'` | tr -d '\012' | dd of=/tmp/data count=10
od -b /tmp/data
rm /tmp/data

Please note that these kinds of methods are not CIA et al proof. I.e. agencies like this can still retrieve some of the data. Same after mediainit(1M).

General remark: Please do *not* use mediainit(1M) for (somewhat) modern disks. It does no good and may make them less reliable or even inoperable. mediainit(1M) is for very old/'strange' stuff.
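
The pattern passes discussed in the replies above (fills of 0x00, 0xFF and 0xAA, and feeding a generated byte stream to dd), as an added example that is not part of the original thread. The function names `write_pass`, `verify_pass` and `wipe_three_pass` and the pass order are assumptions, and the target is a constructed scratch file standing in for a raw disk device.

```sh
#!/bin/sh
# Added example (not from the thread): three pattern passes with read-back checks.
# Function names and the pass order are assumptions made for illustration.
LC_ALL=C; export LC_ALL        # make tr treat the stream as raw bytes

# write_pass TARGET BLOCKS OCTAL
# Fill BLOCKS 512-byte blocks of TARGET with the byte whose octal value is OCTAL.
# /dev/zero supplies the length, tr rewrites every NUL into the pattern byte,
# so no line feeds have to be stripped and 0x00 itself is a valid pattern.
write_pass() {
    dd if=/dev/zero bs=512 count="$2" 2>/dev/null |
        tr '\000' "\\$3" |
        dd of="$1" bs=512 conv=notrunc 2>/dev/null
}

# verify_pass TARGET BLOCKS OCTAL
# Read the area back, delete every byte equal to the pattern and count what
# is left; anything other than 0 means part of the area was not overwritten.
verify_pass() {
    leftover=$(dd if="$1" bs=512 count="$2" 2>/dev/null | tr -d "\\$3" | wc -c)
    [ "$leftover" -eq 0 ]
}

# wipe_three_pass TARGET BLOCKS
# Passes: 0x00, 0xFF, 0xAA (octal 000, 377, 252). Stops at the first failure.
wipe_three_pass() {
    for pat in 000 377 252; do
        write_pass "$1" "$2" "$pat" || return 1
        verify_pass "$1" "$2" "$pat" || return 1
    done
}

# Demo on a constructed 4 KiB scratch file standing in for a disk.
demo() {
    scratch="${TMPDIR:-/tmp}/wipe_demo.$$"
    dd if=/dev/zero bs=512 count=8 2>/dev/null | tr '\000' 'S' > "$scratch"
    wipe_three_pass "$scratch" 8 && od -b "$scratch"
    rm -f "$scratch"
}
demo
```

On a real disk the block count has to match the device size, and sectors the drive has already remapped are not reachable through dd.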
melvyn burnard
Honored Contributor

Re: DD for disk wiping

There is a 3rd party company in the USA that sells software for precisely this purpose, but do you think I can remember who ;-{
My house is the bank's, my money the wife's, But my opinions belong to me, not HP!
Stacey Rippetoe
Advisor

Re: DD for disk wiping

For the software try UniShred by Los Altos Technologies Inc. at www.lat.com



Stacey




Stefan Farrelly
Honored Contributor

Re: DD for disk wiping

There was a long discussion about this a while ago. Here's the link.

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x24b53a7b3682d611abdb0090277a778c,00.html

The best way is to not only use /dev/zero but /dev/one, two... etc. There is a perl script on the above link to do random writes of 1's, 2's etc.
I'm from Palmerston North, New Zealand, but somehow ended up in London...