Date: Fri, 25 Jun 1999 00:26:16 -0500 (CDT) From: Jason Young <doogie@anet-stl.com> To: cjclark@home.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: Secure Deletion Message-ID: <Pine.BSF.3.96.990625002238.25811C-100000@earth.anet-stl.com> In-Reply-To: <199906250212.WAA07810@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 24 Jun 1999, Crist J. Clark wrote: > 1) Is there a way for me to securely destroy the file that still > exists? For example, if I were to do something like (this is just > an example), > > # BADLEN=`ls -l <bad_file> | awk '{ print $5 }'` > # dd if=/dev/zero of=<bad_file> bs=1 count=$BADLEN > # dd if=/dev/urandom of=<bad_file> bs=1 count=$BADLEN > # dd if=/dev/zero of=<bad_file> bs=1 count=$BADLEN > > Would I know for sure that the writes physically went over the bad > data? If they do, a procedure like that should be fine. I think that would stop pretty much anyone except the NSA. > 2) Now... for the files that /had/ the data, but deleted it... My > suspicions here lean towards the worst case, i.e. there could be > fragments of the offensive data _anywhere_ on the partition[0]. Is > there a feasible way to destroy that data while preserving the > other data on the partition? If not, what would be the equivalent > of the above for a full partition? > > # umount /dev/wd1f > # dd if=/dev/zero of=/dev/rwd1f count=<size of partition> > # dd if=/dev/urandom of=/dev/rwd1f count=<size of partition> > # dd if=/dev/zero of=/dev/rwd1f count=<size of partition> > # newfs /dev/rwd1f > > Thanks for any help on this. Create a file that consumes all unused space on the partition. Do it as root so you get the "reserve" area too. Blat data over it as you would the existing file above. Then rm it. Must be something terribly important in that (former) file... Jason Young ANET/accessUS Chief Network Engineer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990625002238.25811C-100000>