Date: Mon, 15 Dec 2003 13:55:07 -0600 From: "Pratt, Benjamin E." <bepratt@stcloudstate.edu> To: "Chris Pressey" <cpressey@catseye.mine.nu> Cc: freebsd-questions@freebsd.org Subject: RE: Secure Deletion (Like shred for Linux)?? Message-ID: <4F752E686C8E04449DCB9FA7C3BD9674718262@EXCHANGE.campus.stcloudstate.edu>
index | next in thread | raw e-mail
[-- Attachment #1 --] Chris - It doesn't look like they do quite what I'd like. Here's the man page for shred (http://unixhelp.ed.ac.uk/CGI/man-cgi?shred+1). Shred is used in a shell script called Autoclave (http://staff.washington.edu/jdlarios/autoclave/) to securely wipe a hard drive before getting rid of it. I've attached the "autoclave.sh" script (as long as attachments are allowed, ask me for it if you don't get the attachment). Ben -----Original Message----- From: Chris Pressey [mailto:cpressey@catseye.mine.nu] Sent: Monday, December 15, 2003 1:50 PM To: Pratt, Benjamin E. Cc: freebsd-questions@freebsd.org Subject: Re: Secure Deletion (Like shred for Linux)?? On Mon, 15 Dec 2003 13:31:52 -0600 "Pratt, Benjamin E." <bepratt@stcloudstate.edu> wrote: > Hello - > > I'm fairly new to FreeBSD and was wondering if there are any other > programs out there for secure deletion. I know that you can use the > -P flag with rm to overwrite files but you can't specify the > iterations of overwriting. > > What I'm looking for is something similar to (or exactly like) shred > for Linux. Is it out there?? > > Thanks, > > Ben Hi, The only programs I've seen like what you describe are 'obliterate' and 'srm'. /usr/ports/sysutils/obliterate /usr/ports/security/srm I'm not sure either of them does exactly what you want (specifying how many times to overwrite the file,) but they may be worth checking out. -Chris [-- Attachment #2 --] #shred -x -v -n $PASSES /dev/$DEVICE autoclave-03/ devs=`grep -H ide-disk /proc/ide/hd*/driver | cut -f 4 -d "/"` echo "Drives found:" echo while [ "$flag" != "done" ]; do count=0 for i in $devs; do let "count=$count+1" eval "dev$count=$i" echo "$count) $i" echo "-----------" cat /proc/ide/$i/model blocks=`cat /proc/ide/$i/capacity` bytes=`echo "$blocks 512 * p" | dc` eval "size$count=$bytes" echo "Size: $bytes bytes" done if [ $count -eq 0 ]; then echo "No drives found." exit fi echo -n "Please choose a drive (1-$count) for more information (Q to quit): " read choice case $choice in [Qq]*) echo "Stopping." exit ;; *) eval device=\$dev$choice eval bytes=\$size$choice if [ "$device" != "" ]; then flag="done" fi ;; esac done cmdline="shred -x -v" # --size=$bytes echo echo "With what level of confidence would you like to erase this disk?" echo echo "1) Zero disk only. Slow, only effective against non-hackers." echo "2) One random pass. A little slower, effective against most." echo "3) 3 \"binary overwrite\" passes. Even slower, likely as secure as you need." echo "4) 10 passes, some structured. Very slow. Almost certainly secure." echo "5) 25 structured passes. Unbearably slow, but probably secure against the NSA." echo flag="" while [ "$flag" != "done" ]; do echo -n "Level (1-5,Q)? " read level case $level in 1) cmdline="$cmdline -n 0 -z" flag="done" ;; 2) cmdline="$cmdline -n 1 -z" flag="done" ;; 3) cmdline="$cmdline -n 3" flag="done" ;; 4) cmdline="$cmdline -n 10 -z" flag="done" ;; 5) flag="done" ;; [Qq]*) echo "Stopping." exit ;; *) ;; esac done cmdline="$cmdline /dev/$device" echo "About to run the command: $cmdline" echo "WARNING: THIS WILL COMPLETELY ERASE THE DISK /dev/$device." flag="" while [ "$flag" != "done" ]; do echo -n "Are you absolutely sure you want to do this? (Y/N) " read final case $final in [Yy]*) flag="done" echo "Ok then. Don't say I didn't warn you." eval $cmdline echo echo "Finished erasing /dev/$device." ;; [Nn]*) flag="done" echo "Stopping." exit ;; *) echo "I'm looking for \"yes\" or \"no\" here." ;; esac done echo "Done." PATH=/usr/i386-linux-uclibc/bin/:$PATH gcc -D_FILE_OFFSET_BITS=64 -D__USE_FILE_OFFSET64 -O2 shred.c -o shred strip shred size shredhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F752E686C8E04449DCB9FA7C3BD9674718262>