There are at least two potential problems with using FDRERASE. The first is that it REQUIRES a z/OS (maybe OS/390) operating system to run it. This i s not too much of a problem at a Disaster Recovery vendor site but not easy
when you are decommissioning your only mainframe. The second problem is t hat some government agencies have chosen to re-interpret DOD guidelines/specifications to be a triple-pass of random data, random data and a known pattern. It may be just as good, but it isn't exactly what ou r security management wants, and this kind of legalistic landmines is the k ind that will HURT you at the worst time. I would love a standalone version of FDRERASE and an option for any versi on of FDRERASE that would let me specify pattern(random,random,x5a5a). /Tom Kern On Wed, 31 Jan 2007 14:34:15 -0700, Dave Reinken <[EMAIL PROTECTED]> wrote : >After reviewing the DoD specifications for destruction by overwriting, I >would say that your method does not meet them. Specifications are >available here: >http://www.tricare.mil/tmis_new/ia/02%20-%20Sanitization.pdf , section >3.1.2. They specify that you must overwrite with a pattern, then the >complement of the pattern, then with random data. They further specify >that you must overwrite the entire disk, "independent of any BIOS or >firmware capacity that the system may have". Among other things. > >My question would be, do you really need to meet DoD specifications? If >so, you'll probably need something like FDRERASE, which is certified to >meet those specifications. >
