Tool to wipe unused disk space? - Security

This is a discussion on Tool to wipe unused disk space? - Security ; Hi all, I'm about to send my notebook away for repair, and I would like to make sure that the data I've erased from the HD is not recoverable. Is there a Linux tool for overwriting unused disk space (not ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: Tool to wipe unused disk space?

  1. Tool to wipe unused disk space?

    Hi all,

    I'm about to send my notebook away for repair, and I would like to make
    sure that the data I've erased from the HD is not recoverable.

    Is there a Linux tool for overwriting unused disk space (not existing
    files) with garbage, in order to make the old data unreadable?

    My filesystem is ext3.

    Thanks in advance!


    --
    ennio@sdf.lonestar.org
    SDF Public Access UNIX System - http://sdf.lonestar.org

  2. Re: Tool to wipe unused disk space?

    On 2007-01-19, Ennio Battaglia wrote:
    > I'm about to send my notebook away for repair, and I would like to make
    > sure that the data I've erased from the HD is not recoverable.
    >
    > Is there a Linux tool for overwriting unused disk space (not existing
    > files) with garbage, in order to make the old data unreadable?


    I'd start with a live distro, mount the file system where deleted files
    were under /mnt/disk and:

    dd if=/dev/zero bs=2048 of=/mnt/disk/file
    then use wipe (http://wipe.sourceforge.net/) to wipe that file.

    Gufo
    --
    ,___, Armageddon means never having to say you're sorry.
    (9v9)
    (_^((\ .: May the owl be with you :.
    -^-"-"-\\-^- http://gufo.dontexist.org

  3. Re: Tool to wipe unused disk space?

    On 2007-01-19, Gufo wrote:

    >> Is there a Linux tool for overwriting unused disk space (not existing
    >> files) with garbage, in order to make the old data unreadable?

    >
    > I'd start with a live distro, mount the file system where deleted files
    > were under /mnt/disk and:
    >
    > dd if=/dev/zero bs=2048 of=/mnt/disk/file
    > then use wipe (http://wipe.sourceforge.net/) to wipe that file.



    Thanks Gufo. If I understand correctly, dd makes a big file full of
    zeroes.

    Do you think I could do what you suggest without booting from a CD, or
    would it be less safe? One of the problems I'm having is that I can't
    access the BIOS any more, so I can only boot from the internal HD.


    --
    ennio@sdf.lonestar.org
    SDF Public Access UNIX System - http://sdf.lonestar.org

  4. Re: Tool to wipe unused disk space?

    Do a web search on "linux scrub". It's a utility that will wipe a file
    or unused space on a drive. I installed my copy from an RPM I
    downloaded. The program does multiple overwrites of 0s, 1s, and other
    patterns.

    Your system may have a "root reserve" setup for the drive which will not
    allow a user to fill the drive. There's no controlling where that space
    is and you won't be able to clear it unless you're running as root.

    Complete clearing will also involve clearing your swap partitions. You'd
    have to boot from a CD to do that.

    You can boot from a CD by adding an entry to your boot options in grub
    or whatever boot loader you're using.

    Phil Sherman


    Ennio Battaglia wrote:
    > Hi all,
    >
    > I'm about to send my notebook away for repair, and I would like to make
    > sure that the data I've erased from the HD is not recoverable.
    >
    > Is there a Linux tool for overwriting unused disk space (not existing
    > files) with garbage, in order to make the old data unreadable?
    >
    > My filesystem is ext3.
    >
    > Thanks in advance!
    >
    >


  5. Re: Tool to wipe unused disk space?

    On 2007-01-19, Ennio Battaglia wrote:
    > Thanks Gufo. If I understand correctly, dd makes a big file full of
    > zeroes.


    Yes, and it fills completely the free space.

    > Do you think I could do what you suggest without booting from a CD, or
    > would it be less safe? One of the problems I'm having is that I can't
    > access the BIOS any more, so I can only boot from the internal HD.


    If the free space you want erased is on the same partition of the root
    file system it's not a clever idea.
    If the root file system and /var are on different partiton than the one
    you're gonna fill there's no problem.

    Gufo
    --
    ,___, Armageddon means never having to say you're sorry.
    (9v9)
    (_^((\ .: May the owl be with you :.
    -^-"-"-\\-^- http://gufo.dontexist.org

  6. Re: Tool to wipe unused disk space?

    Gufo (07-01-19 19:43:06):

    > > Thanks Gufo. If I understand correctly, dd makes a big file full of
    > > zeroes.

    >
    > Yes, and it fills completely the free space.


    No, see below.


    > > Do you think I could do what you suggest without booting from a CD,
    > > or would it be less safe? One of the problems I'm having is that I
    > > can't access the BIOS any more, so I can only boot from the internal
    > > HD.

    >
    > If the free space you want erased is on the same partition of the root
    > file system it's not a clever idea.
    > If the root file system and /var are on different partiton than the
    > one you're gonna fill there's no problem.


    This will not work, since it only covers _totally_ unused blocks with
    zeros. If a block is used only partly, then that block remains
    untouched. The most secure way is to backup the data somewhere else and
    then shred(1) the partition, before putting your data back.

    Or best, remove your hard-drive completely, if it isn't needed.


    Regards,
    E.S.

  7. Re: Tool to wipe unused disk space?

    On 2007-01-19, Phil Sherman wrote:

    > Do a web search on "linux scrub". It's a utility that will wipe a file
    > or unused space on a drive. I installed my copy from an RPM I
    > downloaded. The program does multiple overwrites of 0s, 1s, and other
    > patterns.
    >
    > Your system may have a "root reserve" setup for the drive which will not
    > allow a user to fill the drive. There's no controlling where that space
    > is and you won't be able to clear it unless you're running as root.
    >
    > Complete clearing will also involve clearing your swap partitions. You'd
    > have to boot from a CD to do that.



    Thanks for your reply. I've downloaded "scrub" and was able to use it on the
    swap partition simply by doing a "swapoff". I've also used it on / as root:
    judging from the man page, the -X option seems to do something very similar to
    what Gufo suggested.


    --
    ennio@sdf.lonestar.org
    SDF Public Access UNIX System - http://sdf.lonestar.org

  8. Re: Tool to wipe unused disk space?

    On 2007-01-20, Ertugrul Soeylemez wrote:
    >> Yes, and it fills completely the free space.

    <...>
    > This will not work, since it only covers _totally_ unused blocks with
    > zeros. If a block is used only partly, then that block remains
    > untouched. The most secure way is to backup the data somewhere else and
    > then shred(1) the partition, before putting your data back.


    Yes, you're right. I tought ext3 had an approach similar to reiserfs,
    where tail packaging fills the free spot of partially-used blocks.

    Gufo
    --
    ,___, Armageddon means never having to say you're sorry.
    (9v9)
    (_^((\ .: May the owl be with you :.
    -^-"-"-\\-^- http://gufo.dontexist.org

  9. Re: Tool to wipe unused disk space?

    boot from a linux CD and do:

    dd if=/dev/zero of=/dev/hda bs=1M




    On Jan 19, 9:33 am, Ennio Battaglia wrote:
    > Hi all,
    >
    > I'm about to send my notebook away for repair, and I would like to make
    > sure that the data I've erased from the HD is not recoverable.
    >
    > Is there a Linux tool for overwriting unused disk space (not existing
    > files) with garbage, in order to make the old data unreadable?
    >
    > My filesystem is ext3.
    >
    > Thanks in advance!
    >
    > --
    > e...@sdf.lonestar.org
    > SDF Public Access UNIX System -http://sdf.lonestar.org




  10. Re: Tool to wipe unused disk space?

    On Fri, 19 Jan 2007 14:33:10 +0000 (UTC), Ennio Battaglia
    wrote:

    >Hi all,
    >
    >I'm about to send my notebook away for repair, and I would like to make
    >sure that the data I've erased from the HD is not recoverable.
    >
    >Is there a Linux tool for overwriting unused disk space (not existing
    >files) with garbage, in order to make the old data unreadable?
    >
    >My filesystem is ext3.
    >
    >Thanks in advance!



    http://web.cecs.pdx.edu/~cklin/wipe2fs/


    Wipe2fs will do what you want...



  11. Re: Tool to wipe unused disk space?

    Ennio Battaglia writes:

    >Hi all,


    >I'm about to send my notebook away for repair, and I would like to make
    >sure that the data I've erased from the HD is not recoverable.


    >Is there a Linux tool for overwriting unused disk space (not existing
    >files) with garbage, in order to make the old data unreadable?


    >My filesystem is ext3.


    >Thanks in advance!

    cat /dev/urandom>/tmp/junk
    (or even cat /dev/zero>/tmp/junk
    When this stops due to running out of room,
    rm /tmp/junk.

    And the same on each of the other partitions.


    >--
    >ennio@sdf.lonestar.org
    >SDF Public Access UNIX System - http://sdf.lonestar.org


  12. Re: Tool to wipe unused disk space?

    "wanderer83" writes:

    >boot from a linux CD and do:


    >dd if=/dev/zero of=/dev/hda bs=1M
    >Thanks for the replies.


    Well, that won;t exactly preserve your files that are not erased, or your
    partition tables, of your MBR or anthing. Why not just take out the drive
    and throw it away.

    >



    >On Jan 19, 9:33 am, Ennio Battaglia wrote:
    >> Hi all,
    >>
    >> I'm about to send my notebook away for repair, and I would like to make
    >> sure that the data I've erased from the HD is not recoverable.
    >>
    >> Is there a Linux tool for overwriting unused disk space (not existing
    >> files) with garbage, in order to make the old data unreadable?
    >>
    >> My filesystem is ext3.
    >>
    >> Thanks in advance!
    >>
    >> --
    >> e...@sdf.lonestar.org
    >> SDF Public Access UNIX System -http://sdf.lonestar.org




  13. Re: Tool to wipe unused disk space?


    Blip;1001605 Wrote:
    > On Fri, 19 Jan 2007 14:33:10 +0000 (UTC), Ennio Battaglia
    > wrote:
    >
    > >Hi all,
    > >
    > >I'm about to send my notebook away for repair, and I would like to

    > make
    > >sure that the data I've erased from the HD is not recoverable.
    > >
    > >Is there a Linux tool for overwriting unused disk space (not existing
    > >files) with garbage, in order to make the old data unreadable?
    > >
    > >My filesystem is ext3.
    > >
    > >Thanks in advance!

    >
    >
    > 'Wipe2fs' (http://web.cecs.pdx.edu/~cklin/wipe2fs/)
    >
    >
    > Wipe2fs will do what you want...


    It's quite easy to remove the HD and replace with a dummy.No data,no
    problem.

    Regards,
    Scott


    --
    redhowlingwolves
    ------------------------------------------------------------------------
    redhowlingwolves's Profile: http://unixadmintalk.com/1359
    View this thread: http://unixadmintalk.com/showthread.php?t=259366


  14. Re: Tool to wipe unused disk space?

    redhowlingwolves writes:



    >Blip;1001605 Wrote:


    >> On Fri, 19 Jan 2007 14:33:10 +0000 (UTC), Ennio Battaglia
    >> wrote:
    >>
    >> >Hi all,
    >> >
    >> >I'm about to send my notebook away for repair, and I would like to


    >> make
    >> >sure that the data I've erased from the HD is not recoverable.
    >> >
    >> >Is there a Linux tool for overwriting unused disk space (not existing
    >> >files) with garbage, in order to make the old data unreadable?
    >> >
    >> >My filesystem is ext3.
    >> >
    >> >Thanks in advance!

    >>
    >>
    >> 'Wipe2fs' (http://web.cecs.pdx.edu/~cklin/wipe2fs/)
    >>
    >>
    >> Wipe2fs will do what you want...


    As root.
    cat /dev/urandom >/wipefile ; rm /wipefile

    Do that for each partition.

    (It is a bit slow-- a few MB/sec.)
    So if there is lots of space, you need to wait a while.




    >It's quite easy to remove the HD and replace with a dummy.No data,no
    >problem.




+ Reply to Thread