Page 1 of 2
Wiping HD's before selling (a challenge to some1)
Posted: Wed Mar 02, 2005 1:01 am
by Fusion
Greetings DBB Members!
I am a Donation Attendant in a Not-For-Profit business. We accept, among other things, computers and all periphs. All OSes, any platform, and age. In order to sell these computers that we receive, we must erase the HD to prevent ID theft. However doing that is becoming impossible thx to Mr. Gates
With computers Win 98 and back we are able to go into dos and use the DOS command "format c: <enter>" (w/o quotes) and erase the HD. Unfortunately this does not work in 2K and up cuz u need an admin PW do do anything like this. I beleive this is also the case for Linux/Unix critters as well, not sure.
Is there an app that my company can buy, pass out to all of our locations, and use to erase
ALL Windows and Linux/Unix OSes HD's completely? If one does not exist, can one be cooked up (made) that will do the job? Only requirements would be that it be on a CD-Rom and/or a 3.5 floppy, and be able to run on a min of a 486 chip box. Can this or has this been done?
I will be posting this in a couple other forums for input there.
Any programmers out there for the challenge?
Fus
PS. Mods, please keep an eye on this string, please? I don't need any bashing on our choice of DOS commands for erasing the HD's. thx
Fus
Posted: Wed Mar 02, 2005 1:17 am
by Admiral LSD
If you get a hold of a Linux LiveCD like Knoppix you could probably run a dd command that overwrites every sector on the hdd with random garbage. Not sure of the exact syntax but it'd be something like this:
Code: Select all
dd if=/dev/urandom of=/dev/hda bs=512
plus some other parameters which I can't quite remember to make it iterate until all the sectors are overwritten.
Posted: Wed Mar 02, 2005 1:20 am
by Ferno
Make a win98 bootdisk.
then run fdisk.
Posted: Wed Mar 02, 2005 1:25 am
by Fusion
Ferno wrote:Make a win98 bootdisk.
then run fdisk.
Will that work on 2k and up?
Fus
Posted: Wed Mar 02, 2005 1:27 am
by Lothar
if the system has a working floppy drive, you can boot it from a floppy and then format the hard drive, regardless of what operating system is on the hard drive.
BUT...
formatting the hard drive will not protect people's information. When you format the hard drive, all you're doing is wiping out the "table of contents", so to speak. It's still quite possible for someone to bust out an "unformat" program to recover the data on the hard drive.
What you really need is something to completely wipe the data. There are programs out there to do this. Google gave me
Drive Scrubber,
Wipe Drive, and
an article from a bank site that links to
AutoClave. AutoClave looks good to me -- it's a free program, and if UW uses it, it's probably good enough. My dad also linked me to
this listing, and specifically to
Darik's Boot and Nuke, which also looks pretty good (as most sourceforge apps are.)
All that is to say... I don't know enough to be able to tell you right away what to do, but google and my dad have provided plenty of links to research. My instinct says to start with DBAN (the last link) and see if it looks good to you...
Re: Wiping HD's before selling (a challenge to some1)
Posted: Wed Mar 02, 2005 1:28 am
by Matrix
Fusion wrote:PS. Mods, please keep an eye on this string, please? I don't need any bashing on our choice of DOS commands for erasing the HD's. thx
Fus
Is that because u already know formatting the drive doesnâ??t do a damn thing against stopping people from recovering the data?
u need to do like admiral suggested, write totally random bits to the entire drive.
Edit: lothar also
Posted: Wed Mar 02, 2005 1:31 am
by Lothar
write totally random bits to the entire drive.
... which you can do if you grab one of the already-written apps I linked to above. No sense in reinventing the wheel -- just find out how universities or the government do their data wiping, and if they use free software, find a copy.
Posted: Wed Mar 02, 2005 1:35 am
by Admiral LSD
Autoclave and DBAN both appear to be based on Linux and most likely perform a variation on what I alluded to in my first post
Posted: Wed Mar 02, 2005 2:43 am
by kurupt
does a low level format not completely erase everything? i was under the assumption that it did. you can do these formats using tools that can be found on the manufacturers websites.
Posted: Wed Mar 02, 2005 6:33 am
by Flatlander
What Lothar said. Another program that is available is
http://www.killdisk.com ; maxllf also works, see
http://www.ameriwebs.net/groupworks/george/llf.htm
Posted: Wed Mar 02, 2005 7:24 am
by Genghis
Admiral LSD wrote:
Code: Select all
dd if=/dev/urandom of=/dev/hda bs=512
This is what I would do. Knoppix is awesome: it's free, widely used, and a favorite for forensics work. Just google to download and burn it onto a CD. You can also google to find a ton of how-to's for getting started with Knoppix.
Interesting side note: if you wanted to erase a drive so a well-funded agency (e.g. the NSA) can't recover the data, you'd have to overwrite it seven to 12 times! Of course for your purposes you don't need to worry about this.
Re: Wiping HD's before selling (a challenge to some1)
Posted: Wed Mar 02, 2005 7:33 am
by WarAdvocat
Fusion wrote:I don't need any bashing on our choice of DOS commands for erasing the HD's.
You do realize that's like throwing blood in shark-infested waters
...and then taking a swim.
Realistically, a Win98 boot disk+fdisk is all you need to protect people's data 99% of the time (provided, of course, it works on NTFS drives). That last 1% is a KILLER, though, so I would definately advise that you use something more thorough than fdisk or format, to at least keep the honest men honest.
Posted: Wed Mar 02, 2005 7:50 am
by KompresZor
I have a little com file that you could put on a bootable floppy that will wipe the HD. A friend of mine that worked for Swan Computers ( tells you how long ago it was ) gave it to me for bulk file erasure.
To use it you would just have to make a bootable floppy and copy the file ( Nuke.com ) onto the floppy disk. Boot the computer off the disk and type "nuke c:" then just let it do it's thing. It will remove all the information on the drive including the partition information. One word of caution, it does not ask questions and once you hit enter the only way to stop it is to pull the plug
So i wouldn't automate it.
I have not tried it on Win2k and up OS's so I'm not 100% sure it will work, it is pretty old and my have trouble with NTFS.
If you want to try it email me or catch me in chat.
Posted: Wed Mar 02, 2005 8:10 am
by JMEaT
One of my old college professors had a program he wrote in C++ called Nuke. It ground zero'd a hard drive.
Why not just low level format the disk though using a proggy like
MaxLLF?
Posted: Wed Mar 02, 2005 8:44 am
by Iceman
CyberScrub rawkz joo ...
Really, I love this tool. I started using it when going through my divorce ... I found evidence that my ex was entering the house and scanning the PC. She left with nothing ...
I like these features of it:
* Individual file, folder, and disk erasure
* User selects wiping method
* "Erase beyond recovery" menu selection integrated into desktop.
* Smart enough to sanitize ALL internet activity.
* Even the brainless can use it ...
Posted: Wed Mar 02, 2005 9:01 am
by WarAdvocat
Iceman wrote:* Even the brainless can use it ...
heh
Posted: Wed Mar 02, 2005 10:01 am
by woodchip
Another possible way is to install "SureDelete", erase all files except the o.s., then do a suredelete which will overwrite all erased sectors. You can have multiple overwrites that anyone except the fbi may have problems recovering. Then you can wipe the HD totally.
Posted: Wed Mar 02, 2005 10:33 am
by Vindicator
Degaussing?
Posted: Wed Mar 02, 2005 10:54 am
by WarAdvocat
didn't we already have the Degaussing conversation not too long ago?
Posted: Wed Mar 02, 2005 11:06 am
by Stryker
One thing you might try is a program such as Norton Ghost. This program will basically take a hard drive, erase EVERYTHING on it, and put whatever's on the CD onto the HD instead. You'll have to do some messing in BIOS to make sure the computer is set to boot off a CD before the HD (the best format I've found is floppy/CD/HD), then insert the CD and reboot the computer. It should come up and give you options for ghosting the HD.
I'll also second
http://www.killdisk.com/ , it looks like a good proggie if you don't want to go through all the hassles (possible legal consequences too, if you ghost a version of windows or mac onto the systems) of ghosting. Just remember to check the BIOS settings as a computer boots up to make sure it's set to boot off a bootable floppy if one is present. Almost all BIOS setups will look different depending on the system, so I can't give you foolproof instructions on that; but it's not too hard to do.
Posted: Wed Mar 02, 2005 11:46 am
by fliptw
get knoppix. Why? it gives you another opurtinity to back-up data without having to resort to rebooting(if your smart enough to take out other drives before doing this, then it saves you alot of hassle).
It also gives you the most flexibility.
the basic pattern is doing alternating writes of OO's and FF's to the disk, and not writing random values to the disk. You want to nudge the magnetic paticles to a neutral orination.
Posted: Wed Mar 02, 2005 11:52 am
by woodchip
Posted: Wed Mar 02, 2005 5:46 pm
by MD-2389
WarAdvocat wrote:didn't we already have the Degaussing conversation not too long ago?
Well, theres always that magnet Krom linked to a while back.
If that little sucker can lift 400lb, I don't think it will have any problem degaussing a hard drive.
If not, sticking it into an MRI will definitely do the trick.
Seriously though, a simple low-level format will do fine for your purposes. Now if you really wanted to hide data, then use the program(s) that Lothar linked to, or what Admiral LSD said. Just be aware that either way this will take a fair bit of time, particularly if the drives are rather large.
Posted: Wed Mar 02, 2005 6:28 pm
by Lothar
You definitely want to have something simple -- no sense in having to have every donation worker at your entire thrift store chain trying to learn UNIX shell scripting or anything like that.
It looks like both DBAN and AutoClave would do what you want. If you can get permission from your boss, download one of each and practice on donated computers... see which one seems to work the best, and the easiest.
Posted: Wed Mar 02, 2005 7:20 pm
by Cuda68-2
gdisk.exe - fits on a floppy and poof goes the data
Posted: Wed Mar 02, 2005 8:24 pm
by DCrazy
MD, sticking an HDD into an MRI is NOT the smartest idea, unless you want an HDD spinning around in mid-air.
Posted: Wed Mar 02, 2005 11:37 pm
by Fusion
TY all for your input. I have printed up Lothar's suggested applications mentioned in his first post, and will be sharing it w/my superiors. I am kinda leaning towards DBAN, based on
this list of info on what the app will do, and the simplicity of it. I can't find the same info @ autoclave's website.
Fus
Posted: Thu Mar 03, 2005 1:33 am
by Ned
recently tried ghost and thought it was an awful program
my 2 cents
Posted: Thu Mar 03, 2005 5:06 pm
by MD-2389
DCrazy wrote:MD, sticking an HDD into an MRI is NOT the smartest idea, unless you want an HDD spinning around in mid-air.
Hense the next two words in my post.
Though in that situation, more than likely it would slam against one of the walls of the scanner, which would ruin the drive anyways.
Posted: Thu Mar 03, 2005 5:56 pm
by Verran
I a big fan of DBAN. It's nice, and free.
Posted: Fri Mar 04, 2005 9:26 am
by KompresZor
JMEaT wrote:One of my old college professors had a program he wrote in C++ called Nuke. It ground zero'd a hard drive.
There is a good chance that this is the same program
Posted: Fri Mar 04, 2005 9:11 pm
by ccb056
Go to all the major disk manufacturer websites, get their diagnostic tools, usually in there is a tool that will write all zeros to a drive, these tools almost always fit on a bootable floppy
Posted: Fri Mar 04, 2005 10:25 pm
by JMEaT
KompresZor wrote:JMEaT wrote:One of my old college professors had a program he wrote in C++ called Nuke. It ground zero'd a hard drive.
There is a good chance that this is the same program
I didn't even read your post as I am a chronic skimmer.
That's pretty cool, he did work for an old software company I believe. Maybe it is the same dude? His name was Keifer.
Posted: Fri Mar 04, 2005 11:42 pm
by Fusion
Fusion wrote:I have printed up Lothar's suggested applications mentioned in his first post, and will be sharing it w/my superiors.
Fus
Ok, So I am quoting myself, so what..
Well, I have d/led the DBAN app, rigged a Floppy, and have burned the source zip file to CDRW for my superiors. I also added a notepad file telling anyone who has the CD some background on it, giving links to this string and DBAN's website. I am awaiting word from my superiors that my boss's boss give the ok of clearance to use it. I hope that it will be soon.
Fus
Posted: Sat Mar 05, 2005 1:52 am
by iten
Kinda off-topic, but won't writing random bits to all of /dev/hda corrupt the partition table?
Can you recover if the partition table is really messed up?
Posted: Sat Mar 05, 2005 1:15 pm
by Lothar
really off topic: BUTT KICKING FOR GOODNESS!
semi off topic: there are utilities out there that can rebuild partition tables, I think.
Posted: Sun Mar 06, 2005 7:47 am
by KompresZor
JMEaT wrote:KompresZor wrote:JMEaT wrote:One of my old college professors had a program he wrote in C++ called Nuke. It ground zero'd a hard drive.
There is a good chance that this is the same program
I didn't even read your post as I am a chronic skimmer.
That's pretty cool, he did work for an old software company I believe. Maybe it is the same dude? His name was Keifer.
The guy that gave me the program didn't write it, he was a tech for Swann Computers in State College. But I bet there's a good chance that this is the one Keifer wrote, even more of a chance if you happened to go to school at Penn State
Posted: Mon Mar 07, 2005 10:09 pm
by World War Woodi
One word, MICROWAVE !
ok, maybe not but it would look cool.
Posted: Mon Mar 07, 2005 10:42 pm
by Xamindar
simplest solution would be to get a linux boot disk (tomsbrt or some such). I have found that linux fdisk seems to be able to erase any type of partition whereas dos fdisk can't sometimes. And get a floppy one because you mentioned you take old computers, which might not boot a cd.
Posted: Mon Mar 07, 2005 11:35 pm
by MD-2389
Xamindar wrote:simplest solution would be to get a linux boot disk (tomsbrt or some such). I have found that linux fdisk seems to be able to erase any type of partition whereas dos fdisk can't sometimes. And get a floppy one because you mentioned you take old computers, which might not boot a cd.
One problem with that. Partition tables can be rebuilt. The data is still actually there until the sector it resides in is over-written completely, hense the above mentioned programs that write random data over those sectors repeatedly.