From owner-freebsd-security Fri Jun 25 13:55:31 1999 Delivered-To: freebsd-security@freebsd.org Received: from alice.gba.oz.au (gba-254.tmx.com.au [203.9.155.254]) by hub.freebsd.org (Postfix) with SMTP id 746B51584C for ; Fri, 25 Jun 1999 13:55:18 -0700 (PDT) (envelope-from gjb-freebsd@gba.oz.au) Received: (qmail 4140 invoked by uid 1001); 26 Jun 1999 06:45:13 +1000 Message-ID: <19990625204513.4139.qmail@alice.gba.oz.au> X-Posted-By: GBA-Post 1.03 20-Sep-1998 X-PGP-Fingerprint: 5A91 6942 8CEA 9DAB B95B C249 1CE1 493B 2B5A CE30 Date: Sat, 26 Jun 1999 06:45:12 +1000 From: Greg Black To: "Crist J. Clark" Cc: freebsd-security@FreeBSD.ORG Subject: Re: Secure Deletion References: <199906250212.WAA07810@cc942873-a.ewndsr1.nj.home.com> In-reply-to: <199906250212.WAA07810@cc942873-a.ewndsr1.nj.home.com> of Thu, 24 Jun 1999 22:12:34 -0400 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Problem: A file came onto a FreeBSD system. All traces of this file > will (probably) need to be destroyed. The error was on someone else's > part, so we did not find out until this file had > propagated. There is presently an existing file that needs to be > destroyed. In addition, there are existing files that had this > information in them, but have since had the 'offending' part > removed... The solution depends on your levels of paranoia. The real solution involves: 1. delete any offending files, or edit the offending data out of them 2. dump the filesystems 3. remove the disks and grind them into dust 4. install new disks 5. restore your dumps 6. find all backups made while the data was on the disks and destroy the backup media If items 3 and 4 are too extreme for your case, replace them with: 3. newfs the disks and fill them with 0x55 bytes 4. repeat step 3, using 0xAA then repeat step 3 -- Greg Black -- or Fight censorship in Australia: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message