Author Topic: Urgent security need!  (Read 7630 times)

0 Members and 2 Guests are viewing this topic.

Offline GameSnake

  • News hound
  • Hero Member
  • *****
  • Posts: 2937
    • View Profile
Urgent security need!
« on: May 11, 2006, 10:31:20 pm »
In need of hard drive deletion. I am thinking I could overwrite the OS with a diskette trojan right? Any advice is helpfull.
« Last Edit: May 11, 2006, 10:33:02 pm by GameSnake »

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Urgent security need!
« Reply #1 on: May 11, 2006, 10:47:34 pm »
In need of hard drive deletion. I am thinking I could overwrite the OS with a diskette trojan right? Any advice is helpfull.

... overwrite the OS with a diskette trojan?  Yeah, okay.

Deleting the OS (or even formatting the drive) won't destroy the data completely.  You'll want to get a drive scrubber, which overwrites data with garbage.  Install linux and use shred.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Urgent security need!
« Reply #2 on: May 12, 2006, 08:09:04 am »
Download DBAN.  Burn it to a CD.  Put the CD in your drive.  Reboot.  Follow the instructions.

Warning: will delete all data on the drive. 

When asked, 3 passes is sufficient. 

Offline GameSnake

  • News hound
  • Hero Member
  • *****
  • Posts: 2937
    • View Profile
Re: Urgent security need!
« Reply #3 on: May 12, 2006, 06:51:50 pm »
Thanks iago. DBAN fits on a diskette, Sidoh, and thats what I meant by "diskette trojan", the wording was probably not correct.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Urgent security need!
« Reply #4 on: May 12, 2006, 09:21:39 pm »
Your wording was definitely wrong.  A trojan is a program that comes disguised as another program.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Urgent security need!
« Reply #5 on: May 13, 2006, 01:39:55 pm »
Generally what happens when a drive is formatted? I'd think just reformatting and reinstalling an OS ontop of it should suffice..
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Eric

  • Full Member
  • ***
  • Posts: 304
  • I'm new here!
    • View Profile
Re: Urgent security need!
« Reply #6 on: May 13, 2006, 04:04:13 pm »
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.

That's what happens during a "quick" format on Windows.  I believe the standard option fills the disk with random data, but I'm unsure.

On Linux, you'd simply have to run the shred program after creating the partition.

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Urgent security need!
« Reply #7 on: May 14, 2006, 09:44:42 am »
I don't think the standard option does that, because if it did, unformat couldn't work.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Urgent security need!
« Reply #8 on: May 14, 2006, 02:40:33 pm »
Generally what happens when a drive is formatted? I'd think just reformatting and reinstalling an OS ontop of it should suffice..
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.

There's always slack space between files and stuff where bits and pieces of data can be recovered.  When a drive is formatted, it builds the filesystem structure, which doesn't overwrite every bit of data. 

Also, depending on the sensitivity of the data, a single over-write doesn't always suffice.  Overwritten data can be recovered with advanced technology.  Usually nothing to worry about, but like I said it depends on the sensitivity of the data.  The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

That's what happens during a "quick" format on Windows.  I believe the standard option fills the disk with random data, but I'm unsure.

On Linux, you'd simply have to run the shred program after creating the partition.
I'm not positive, but I'm pretty sure a quick format and slow format write the same data to the drive, but a slow format also verifies the drive's integrity. 

'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).  To shred a single partition you can just write random data to it (cat /dev/urandom > /dev/hda1).  Or to shred the whole disk you can pipe data straight to the disk (cat /dev/urandom > /dev/hda).  That's basically what DBAN does. 

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: Urgent security need!
« Reply #9 on: May 14, 2006, 05:12:06 pm »
'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).

Quote from: info coreutils shred
   You might use the following command to erase all trace of the
filesystem you'd created on the floppy disk in your first drive.  That
command takes about 20 minutes to erase a "1.44MB" (actually 1440 KiB)
floppy.

     shred --verbose /dev/fd0

   Similarly, to erase all data on a selected partition of your hard
disk, you could give a command like this:

     shred --verbose /dev/sda5

   An exit status of zero indicates success, and a nonzero value
indicates failure.
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Urgent security need!
« Reply #10 on: May 14, 2006, 05:41:55 pm »
'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).

Quote from: info coreutils shred
   You might use the following command to erase all trace of the
filesystem you'd created on the floppy disk in your first drive.  That
command takes about 20 minutes to erase a "1.44MB" (actually 1440 KiB)
floppy.

     shred --verbose /dev/fd0

   Similarly, to erase all data on a selected partition of your hard
disk, you could give a command like this:

     shred --verbose /dev/sda5

   An exit status of zero indicates success, and a nonzero value
indicates failure.

Like I said, it's not designed for that.  The evidence would be the way it says "you might want to try"

Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Urgent security need!
« Reply #11 on: May 16, 2006, 02:44:35 pm »
I'm not positive, but I'm pretty sure a quick format and slow format write the same data to the drive, but a slow format also verifies the drive's integrity. 
That's correct.  A slow format is the equivalent of running a chkdsk -s scan for physical drive defects.

Format replaces the boot sector and MFT or FAT and root directory.  The quick version does *only* that.
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline Ersan

  • Full Member
  • ***
  • Posts: 143
  • Hi! I'm new here!
    • View Profile
Re: Urgent security need!
« Reply #12 on: May 16, 2006, 08:00:38 pm »
The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

The U.S. Department of Defense (DoD 5220.22-M) requires 7 random data stream passes, keep on sucking Canada!

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: Urgent security need!
« Reply #13 on: May 16, 2006, 08:34:50 pm »
Seriously. 8)
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Urgent security need!
« Reply #14 on: May 16, 2006, 09:00:21 pm »
The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

The U.S. Department of Defense (DoD 5220.22-M) requires 7 random data stream passes, keep on sucking Canada!


For what grade of data? 

There is no real difference between 2, 3, 5, 7, and 100 passes.  After the second one it is basically impossible to recover the data in any useable way.  The third one is just to be safe, but the last 4 are pretty useless.  For the time it takes to wipe a drive, waiting for 7 passes isn't an efficiant use of time. 

But like I said, for highest priority data (top secret), the drive has to be incinerated and recycled.