Secure delete data on HDD
Posted by Carl32, 06-14-2007, 07:48 AM |
Hi, we've just moved to a new server and were wondering if there were any programs to securely erase all data on the hard drive on the old server (with CentOS), as we don't want anyone else who gets this hard drive to be able to recover any data.
I'm not that familiar with the file systems used by Linux, so perhaps this isn't a problem. Just had to ask.
We use some DoD "approved" applications to remove sensitive data on NTFS partitions on our stationary computers, but couldn't find anything for *nix.
Thank you
|
Posted by SparkSupport, 06-14-2007, 10:12 AM |
You can make use of the Linux utility SHRED.
To use shred from the command line, simply type shred followed by the file or directory you want removed. If you prefer, you can shred an entire partition by using a device name (such as /dev/hda1). Shred, however, cannot delete the partition on which it currently resides.
If you want to change the number of times shred overwrites data, use the -n switch. For instance, shred -n 5 checkbook.txt will overwrite the file checkbook.txt a total of five times.
|
Posted by Mat Sumpter, 06-14-2007, 10:15 AM |
shred does have some limitations depending on the file system being used on the server:
CAUTION: Note that shred relies on a very important assumption:
that the filesystem overwrites data in place. This is the traditional
way to do things, but many modern filesystem designs do not satisfy this
assumption. The following are examples of filesystems on which shred is
not effective:
* log-structured or journaled filesystems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* filesystems that write redundant data and carry on even if some writes
fail, such as RAID-based filesystems
* filesystems that make snapshots, such as Network Appliance's NFS server
* filesystems that cache in temporary locations, such as NFS
version 3 clients
* compressed filesystems
Honestly, I do multiple dd commands from /dev/random on each individual drive to eradicate any leftover bits.
|
Posted by MMarko, 06-14-2007, 01:02 PM |
dd is the way to go
|
Posted by Techbrace, 06-14-2007, 01:18 PM |
I second that. The following command will do it for you.
dd if=/dev/zero of=/dev/sda conv=notrunc
You can also use dcfldd which is an enhanced version of dd.
|
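The dd approach from the replies above, as an added example (not posted by anyone in the thread): it overwrites a target with random passes and a final zero pass, then reads the target back to confirm every byte is zero. It uses /dev/urandom rather than /dev/random so passes do not stall waiting for entropy; the function names and the image file are constructed for the demo.

```shell
#!/bin/sh
# Added example: dd-based overwrite with read-back verification.
# Demo runs on a constructed image file; a real device node is wiped for good.

# Size of the target in bytes (block device or regular file).
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Overwrite the whole target: $2 passes of random data, then one pass of zeros.
wipe_target() {
    target=$1; passes=${2:-1}; i=0
    size=$(target_size "$target") || return 1
    while [ "$i" -lt "$passes" ]; do
        head -c "$size" /dev/urandom |
            dd of="$target" bs=65536 conv=notrunc 2>/dev/null || return 1
        i=$((i + 1))
    done
    head -c "$size" /dev/zero |
        dd of="$target" bs=65536 conv=notrunc 2>/dev/null || return 1
    sync
}

# Succeeds only if every byte read back from the target is zero.
verify_zeroed() {
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero | cmp -s - "$1"
}

# Demo on a constructed 1 MiB image that holds a marker string.
demo() {
    img=$(mktemp) || return 1
    dd if=/dev/urandom of="$img" bs=65536 count=16 2>/dev/null
    printf 'CONSTRUCTED-SECRET' | dd of="$img" bs=1 seek=4096 conv=notrunc 2>/dev/null
    verify_zeroed "$img" && { rm -f "$img"; return 1; }  # must fail before the wipe
    if wipe_target "$img" 2 && verify_zeroed "$img"; then rc=0; else rc=1; fi
    rm -f "$img"
    return "$rc"
}

demo && echo "image overwritten and verified as all zeros"
```

For a retired disk, boot from separate media and pass the device node (such as /dev/sda from the post above) to wipe_target and verify_zeroed; the read-back pass takes about as long as one overwrite pass.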