DoD Harddrive Secure Erase Wipe - Storage

This is a discussion on DoD Harddrive Secure Erase Wipe - Storage ; DoD Harddrive Secure Erase Wipe I have a project which I need to DoD harddrives for the company. I have large raid-scsi enclosure which I can use. I have access Quad/Octa Xeon P4 servers with 3 dual channel LVE/SE ultra ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: DoD Harddrive Secure Erase Wipe

  1. DoD Harddrive Secure Erase Wipe

    DoD Harddrive Secure Erase Wipe

    I have a project which I need to DoD harddrives for the company. I
    have large raid-scsi enclosure which I can use.

    I have access Quad/Octa Xeon P4 servers with 3 dual channel LVE/SE
    ultra scsi 160 cards. With these, I would be able to drive 4 x 14 scsi
    drive (IBM EXP300 / 3531-1RU) units.

    What are my options?

    I was thinking about doing following.

    1. for i in 1 2 3 4 5 6 7; do time dd /dev/random of=/dev/sda
    bs=1048576; done

    Use the random bits into drive 7 times.
    I think with 14 x 36GB scsi in raid5 setup would take approximately
    18 x 7pass = 5 days.
    This is pretty bad.

    2. I could setup stripped version of gentoo with proper raid
    controller driver(here IBM ServeRaid 4Mx and run DBAN from boot drive.

    I've got a question, does anyone have working knowledge of DoD5200.28-
    STD & DoD5200.22-M? I need to know how it's supposed to work, then I
    could just write simple c program to erase drive instead of relying on
    other tools for speed.
    I need fastest solution available.

    Thanks.

  2. Re: DoD Harddrive Secure Erase Wipe

    In article <6118a9a7-2935-4915-9aab-4bdbe1d4d0e0@u10g2000prn.googlegroups.com>,
    oktokie wrote:
    >DoD Harddrive Secure Erase Wipe
    >
    >I have a project which I need to DoD harddrives for the company. I
    >have large raid-scsi enclosure which I can use.
    >
    >I have access Quad/Octa Xeon P4 servers with 3 dual channel LVE/SE
    >ultra scsi 160 cards. With these, I would be able to drive 4 x 14 scsi
    >drive (IBM EXP300 / 3531-1RU) units.
    >
    >What are my options?


    Basically none. It is a federal felony to do this wrong, and you cannot
    do it right without special software. Give the drives to an entity which
    specializes in the disposal of classified and sensitive materials for the
    government and its contractors and be glad you are rid of the problem.

    --
    Thor Lancelot Simon tls@rek.tjls.com

    "The inconsistency is startling, though admittedly, if consistency is to
    be abandoned or transcended, there is no problem." - Noam Chomsky

  3. Re: DoD Harddrive Secure Erase Wipe

    In article <6118a9a7-2935-4915-9aab-4bdbe1d4d0e0@u10g2000prn.googlegroups.com>,
    oktokie wrote:
    >
    >I've got a question, does anyone have working knowledge of DoD5200.28-
    >STD & DoD5200.22-M? I need to know how it's supposed to work, then I


    If you're actually complying with DoD regs then you need to use
    a certified program. You can't just write your own. Talk to your ISSM.

    If you're just trying to be as good as DoD standards but not actually
    dealing with classified stuff then I seem to recall that writing a semi-
    random pattern across the entire platter(s) 7 times is considered sufficient .
    I dont' have a reference handy, but I think you could google "magnetic
    remanence"...


  4. Re: DoD Harddrive Secure Erase Wipe


    > I've got a question, does anyone have working knowledge of DoD5200.28-
    > STD & DoD5200.22-M? I need to know how it's supposed to work, then I
    > could just write simple c program to erase drive instead of relying on
    > other tools for speed.
    > I need fastest solution available.
    >
    > Thanks.


    Have you checked this?
    http://dban.sourceforge.net/

  5. Re: DoD Harddrive Secure Erase Wipe

    On Apr 2, 7:37 pm, oktokie wrote:
    > I've got a question, does anyone have working knowledge of DoD5200.28-
    > STD & DoD5200.22-M? I need to know how it's supposed to work, then I
    > could just write simple c program to erase drive instead of relying on
    > other tools for speed.


    These standards are more about following process and using certified
    tools than they are about effectively erasing data from drives.
    See http://docs.info.apple.com/article.html?artnum=303462 for a list
    of 'interesting patterns' to do this.

    That being said, it is questionable how much 'safer' doing a 7 pass
    erase would be than doing just a single write of random data for most
    modern drives.
    The theories behind these DoD specs go back to pretty outdated data
    encoding mechanisms used inside the drives. The patterns are designed
    to flip bits often enough to
    wipe out any residual hysteresis effects. If you use any of these
    patterns, make sure to disable the write caching on the drives, or
    else very few of these bit flips will make it onto the platter, and
    none will arrive there in the desired order.



+ Reply to Thread