From owner-freebsd-security  Thu Nov 18 13:12:24 1999
Delivered-To: freebsd-security@freebsd.org
Received: from gatekeeper.veriohosting.com (gatekeeper.veriohosting.com [192.41.0.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1609B154B6; Thu, 18 Nov 1999 13:12:14 -0800 (PST)
	(envelope-from hart@iserver.com)
Received: by gatekeeper.veriohosting.com; Thu, 18 Nov 1999 14:12:13 -0700 (MST)
Received: from unknown(192.168.1.109) by gatekeeper.veriohosting.com via smap (V3.1.1)
	id xma019700; Thu, 18 Nov 99 14:11:43 -0700
Received: (hart@localhost) by anchovy.orem.iserver.com (8.9.3) id OAA08961; Thu, 18 Nov 1999 14:09:28 -0700 (MST)
Date: Thu, 18 Nov 1999 14:09:28 -0700 (MST)
From: Paul Hart <hart@iserver.com>
X-Sender: hart@anchovy.orem.iserver.com
To: TrouBle <trouble@netquick.net>
Cc: freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: secure filesystem wiping
In-Reply-To: <3833923C.10A7208F@netquick.net>
Message-ID: <Pine.BSF.4.10.9911181357430.8255-100000@anchovy.orem.iserver.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 18 Nov 1999, TrouBle wrote:

> obliterate only wipes the one file you specify.. i want to wipe all
> the free space on the disk, without damaging good intact files on it,
> linux has a progrtam called wipe that does this, now ill ask again is
> there something similiar for freebsd

Have you considered the problem from this angle?  Presumably you had
sensitive information in a file on the disk at some point.  Instead of
trying to "securely" remove all traces of files when they're gone, what
about using something like CFS (in /usr/ports/security/cfs) for all of
these sensitive files to start with?  That way, when the files are gone,
even if someone did manage to obtain some salvaged remnants they could not
be used to yield useful information.  That seems much more secure than
even the best "secure deletion" or "disk wiping" programs.

Paul Hart

--
Paul Robert Hart        ><8>  ><8>  ><8>        Verio Web Hosting, Inc.
hart@iserver.com        ><8>  ><8>  ><8>        http://www.iserver.com/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message