[nlug] Re: Data security?
On Thu, Apr 2, 2009 at 8:13 AM, Drew cothar...@gmail.com wrote: Hello, Like the subject says, this pertains to data security, but not just on linux/bsd/*nix. What I'd like to know is if anyone has a tool they prefer for wiping hard drives in workstations. As we grow/upgrade systems, we frequently have old systems we'd like to get rid of, but data security is a concern. I would like to leave systems usable (ie not destroy or remove the hard drive) but clean. Ideally, we're talking about a bootable CD that has a utility that will format/overwrite/reformat/overwrite drives to a point where there is a reasonable expectation that data that was on the drive won't be able to be retrieved. So - favorites, recommendations? Input on this being a pointless task because data can always be recovered? Thanks for the input. Pretty much any bootable linux distro will do it as you can use DD or a lot of other tools to overwrite the data on the drive. If you actually want to a bootable that is designed for it, try http://www.dban.org/ (Darik's boot and nuke). I was going to reply with a link to this video: http://www.youtube.com/watch?v=UIRXh2oiqtA but you said you didn't want to destroy the drives. As to the security of the wipe. All the data recovery companies have stated that overwriting the drive once with zeros pretty much makes it unrecoverable, though better safe than sorry, so do the secure seven alteranating wipe. Andy --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
I agree with Sky. There used to be 'low level format' available on cheap IDE controllers that worked pretty well. The best I remember seeing that kept the drive useable was an old dos/windows program that did a 'distructive disk test' that I used several times on different disks that were otherwise un-recoverable anyway. I wish I could remember its name. You could build a small sh script to use dd to write some pattern till it filled up a drive using different patterns on various passes, but that is kind of a pain. If you are discarding a UNIX derivative, just do a fresh install with a different type of file system. A good way to physically demolish one is to take it to your local neighborhood blacksmith (I had one across the street when I lived in Houston) and go with him to his forge. Melt the drive to a nice pool of silicon and aluminum sludge. It is very satisfying. It is really hard to recover data after that. Pouring the sludge into a nice paper weight, door stop, etc is also fun. ... Actually a good coal fired BBQ of old disk drives behind the HC one weekend could be a nice community support project! :) ... Then cast them into trophies for 'worst security' to be handed out to folks at the next Phreaknic --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
I use DBAN (Darik's Boot And Nuke) for all my wipes. It uses the same algorithms that the DoD uses, as well as some other standards that are more thorough, though probably less useful as they take much, much longer to run. I trust DBAN enough to take care of our retired drives that have the library's financial data on them, though most of that is public record anyway. My $1.75 ($0.02, adjusted for tax increases) Jim Peterson Technology Coordinator Goodnight Memorial Library 203 S. Main St. Franklin, KY 42134 (270) 586-8397 www.gmpl.org Library Technology by jimmythegeek! On Thu, 2009-04-02 at 07:13 -0500, Drew wrote: Hello, Like the subject says, this pertains to data security, but not just on linux/bsd/*nix. What I'd like to know is if anyone has a tool they prefer for wiping hard drives in workstations. As we grow/upgrade systems, we frequently have old systems we'd like to get rid of, but data security is a concern. I would like to leave systems usable (ie not destroy or remove the hard drive) but clean. Ideally, we're talking about a bootable CD that has a utility that will format/overwrite/reformat/overwrite drives to a point where there is a reasonable expectation that data that was on the drive won't be able to be retrieved. So - favorites, recommendations? Input on this being a pointless task because data can always be recovered? Thanks for the input. Drew --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: SGI goes down
I've heard of Rackable Systems here and there, but they are not a big player (yet) in the industry. Just big enough to catch an ad in InformationWeek here there. http://www.rackable.com/ We used to have several SGI workstations (and a server, I think) at the Potter Brumfield plant here in Franklin, before being bought out by Siemens and then Tyco Electronics. Jim Peterson Technology Coordinator Goodnight Memorial Library 203 S. Main St. Franklin, KY 42134 (270) 586-8397 www.gmpl.org Library Technology by jimmythegeek! According to the Wall Street Journal (not prone to April foolery), Silicon Graphics is filing its second Chapter 11 bankruptcy in three years and shall sell most of what is left to Rackable Systems Inc. (a company that I, frankly, had never heard of). I'd post the link to the article but WSJ online is a paid subscription site. SGI was a big deal in its day. Tempus fugit. Howard White --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
My kids (the 12-yr-old boy 8-yr old girl) like to try and take turns with the sledgehammer. Of course, I usually end up doing the deed, but like Jack's idea, it is very satisfying and actually provides a great workout too! I also sight in my deer rifle with them, and use them for target practice when I'm shooting my .45. Fun! Jim On Thu, 2009-04-02 at 08:28 -0500, Jack Coats wrote: I agree with Sky. There used to be 'low level format' available on cheap IDE controllers that worked pretty well. The best I remember seeing that kept the drive useable was an old dos/windows program that did a 'distructive disk test' that I used several times on different disks that were otherwise un-recoverable anyway. I wish I could remember its name. You could build a small sh script to use dd to write some pattern till it filled up a drive using different patterns on various passes, but that is kind of a pain. If you are discarding a UNIX derivative, just do a fresh install with a different type of file system. A good way to physically demolish one is to take it to your local neighborhood blacksmith (I had one across the street when I lived in Houston) and go with him to his forge. Melt the drive to a nice pool of silicon and aluminum sludge. It is very satisfying. It is really hard to recover data after that. Pouring the sludge into a nice paper weight, door stop, etc is also fun. ... Actually a good coal fired BBQ of old disk drives behind the HC one weekend could be a nice community support project! :) ... Then cast them into trophies for 'worst security' to be handed out to folks at the next Phreaknic --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Senate Legislation Would Federalize Cybersecurity
Nope, not an oxymoron.. Intelligent Officials would be the oxymoron... Intelligence Officials are just morons... Andy On Thu, Apr 2, 2009 at 9:36 AM, Jim Peterson jim.sokytec...@gmail.comwrote: Intelligence officialsan oxymoron of a title if you ask me! On Wed, 2009-04-01 at 11:35 -0700, xor wrote: Addressing what intelligence officials describe as a gaping vulnerability, the legislation also calls for the appointment of a White House cybersecurity czar with unprecedented authority to shut down computer networks, including private ones, if a cyberattack is underway, the officials said. The full story is here:http://www.washingtonpost.com/wp-dyn/content/article/2009/03/31/AR2009033103684_pf.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
I'll chime in with another vote for DBAN. The only thing I have to add is that DBAN (stable) supports most, but not all controllers. I have a second CD with DBAN beta that seems to support other (AHCI) controllers. Between the two of those CD's, I don't have any problem wiping drives. I actually have a really old server that just sits in the rack doing drive wipes (with DBAN) and drive testing (with SpinRite) of old drives (thanks to a couple hot-swap bays for SATA and IDE drives.) It takes so long to wipe and to test that I just make a habit of going in there once a day and swapping out the just wiped or tested drive with the next one in my stack. Chris On Thu, Apr 2, 2009 at 8:35 AM, Jim Peterson jim.sokytec...@gmail.comwrote: My kids (the 12-yr-old boy 8-yr old girl) like to try and take turns with the sledgehammer. Of course, I usually end up doing the deed, but like Jack's idea, it is very satisfying and actually provides a great workout too! I also sight in my deer rifle with them, and use them for target practice when I'm shooting my .45. Fun! Jim On Thu, 2009-04-02 at 08:28 -0500, Jack Coats wrote: I agree with Sky. There used to be 'low level format' available on cheap IDE controllers that worked pretty well. The best I remember seeing that kept the drive useable was an old dos/windows program that did a 'distructive disk test' that I used several times on different disks that were otherwise un-recoverable anyway. I wish I could remember its name. You could build a small sh script to use dd to write some pattern till it filled up a drive using different patterns on various passes, but that is kind of a pain. If you are discarding a UNIX derivative, just do a fresh install with a different type of file system. A good way to physically demolish one is to take it to your local neighborhood blacksmith (I had one across the street when I lived in Houston) and go with him to his forge. Melt the drive to a nice pool of silicon and aluminum sludge. It is very satisfying. It is really hard to recover data after that. Pouring the sludge into a nice paper weight, door stop, etc is also fun. ... Actually a good coal fired BBQ of old disk drives behind the HC one weekend could be a nice community support project! :) ... Then cast them into trophies for 'worst security' to be handed out to folks at the next Phreaknic --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
Interesting... I didn't know IDE did hot swap. On Thu, Apr 2, 2009 at 10:05 AM, Chris McQuistion cmcquist...@watkins.eduwrote: I'll chime in with another vote for DBAN. The only thing I have to add is that DBAN (stable) supports most, but not all controllers. I have a second CD with DBAN beta that seems to support other (AHCI) controllers. Between the two of those CD's, I don't have any problem wiping drives. I actually have a really old server that just sits in the rack doing drive wipes (with DBAN) and drive testing (with SpinRite) of old drives (thanks to a couple hot-swap bays for SATA and IDE drives.) It takes so long to wipe and to test that I just make a habit of going in there once a day and swapping out the just wiped or tested drive with the next one in my stack. Chris On Thu, Apr 2, 2009 at 8:35 AM, Jim Peterson jim.sokytec...@gmail.comwrote: My kids (the 12-yr-old boy 8-yr old girl) like to try and take turns with the sledgehammer. Of course, I usually end up doing the deed, but like Jack's idea, it is very satisfying and actually provides a great workout too! I also sight in my deer rifle with them, and use them for target practice when I'm shooting my .45. Fun! Jim On Thu, 2009-04-02 at 08:28 -0500, Jack Coats wrote: I agree with Sky. There used to be 'low level format' available on cheap IDE controllers that worked pretty well. The best I remember seeing that kept the drive useable was an old dos/windows program that did a 'distructive disk test' that I used several times on different disks that were otherwise un-recoverable anyway. I wish I could remember its name. You could build a small sh script to use dd to write some pattern till it filled up a drive using different patterns on various passes, but that is kind of a pain. If you are discarding a UNIX derivative, just do a fresh install with a different type of file system. A good way to physically demolish one is to take it to your local neighborhood blacksmith (I had one across the street when I lived in Houston) and go with him to his forge. Melt the drive to a nice pool of silicon and aluminum sludge. It is very satisfying. It is really hard to recover data after that. Pouring the sludge into a nice paper weight, door stop, etc is also fun. ... Actually a good coal fired BBQ of old disk drives behind the HC one weekend could be a nice community support project! :) ... Then cast them into trophies for 'worst security' to be handed out to folks at the next Phreaknic --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
- Andrew Farnsworth farn...@gmail.com wrote: Interesting... I didn't know IDE did hot swap. I don't know if that was originally intended to do it, but there are commands in hdparm for spinning down drives and such. Also commands for rescanning the IDE bus. Of course you have to have a decent enough IDE chipset to not get fully confused. -- Steven Critchfield cri...@basesys.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
I probably shouldn't have called it hot-swap. It is just a removable drive bay and I always shut down to swap the drives around, although I think there are some commands to do it, hot, I just don't really trust them. Chris On Thu, Apr 2, 2009 at 9:09 AM, Andrew Farnsworth farn...@gmail.com wrote: Interesting... I didn't know IDE did hot swap. On Thu, Apr 2, 2009 at 10:05 AM, Chris McQuistion cmcquist...@watkins.edu wrote: I'll chime in with another vote for DBAN. The only thing I have to add is that DBAN (stable) supports most, but not all controllers. I have a second CD with DBAN beta that seems to support other (AHCI) controllers. Between the two of those CD's, I don't have any problem wiping drives. I actually have a really old server that just sits in the rack doing drive wipes (with DBAN) and drive testing (with SpinRite) of old drives (thanks to a couple hot-swap bays for SATA and IDE drives.) It takes so long to wipe and to test that I just make a habit of going in there once a day and swapping out the just wiped or tested drive with the next one in my stack. Chris On Thu, Apr 2, 2009 at 8:35 AM, Jim Peterson jim.sokytec...@gmail.comwrote: My kids (the 12-yr-old boy 8-yr old girl) like to try and take turns with the sledgehammer. Of course, I usually end up doing the deed, but like Jack's idea, it is very satisfying and actually provides a great workout too! I also sight in my deer rifle with them, and use them for target practice when I'm shooting my .45. Fun! Jim On Thu, 2009-04-02 at 08:28 -0500, Jack Coats wrote: I agree with Sky. There used to be 'low level format' available on cheap IDE controllers that worked pretty well. The best I remember seeing that kept the drive useable was an old dos/windows program that did a 'distructive disk test' that I used several times on different disks that were otherwise un-recoverable anyway. I wish I could remember its name. You could build a small sh script to use dd to write some pattern till it filled up a drive using different patterns on various passes, but that is kind of a pain. If you are discarding a UNIX derivative, just do a fresh install with a different type of file system. A good way to physically demolish one is to take it to your local neighborhood blacksmith (I had one across the street when I lived in Houston) and go with him to his forge. Melt the drive to a nice pool of silicon and aluminum sludge. It is very satisfying. It is really hard to recover data after that. Pouring the sludge into a nice paper weight, door stop, etc is also fun. ... Actually a good coal fired BBQ of old disk drives behind the HC one weekend could be a nice community support project! :) ... Then cast them into trophies for 'worst security' to be handed out to folks at the next Phreaknic --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Data security?
Great information, great discussion. I agree that destroying the drive (the fire arm method is one I've used personally) is the surest form of data security, however our retired workstations tend to be better than many people's (especially our employees) home computers, so we first tend to sell off any old systems to them. While it's not that I don't *trust* the employees, for the sake of the company, I like to make all the best efforts to prevent any accidental disclosure of data. Sounds like I'll be giving dban a spin. Thanks again. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Senate Legislation Would Federalize Cybersecurity
Michael Chaney wrote: On Wed, Apr 1, 2009 at 1:35 PM, xor johnw...@gmail.com wrote: Addressing what intelligence officials describe as a gaping vulnerability, the legislation also calls for the appointment of a White House cybersecurity czar with unprecedented authority to shut down computer networks, including private ones, if a cyberattack is underway, the officials said. The full story is here: http://www.washingtonpost.com/wp-dyn/content/article/2009/03/31/AR2009033103684_pf.html There is no problem so big that it cannot be solved by big government. Or is it: There is not problem so small that it can try to be solved by big government. -- Jerry Perkins Home Page http://www.jperkins.us/ + If your life is a hard drive, Christ can be your backup. + --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---
[nlug] Re: Senate Legislation Would Federalize Cybersecurity
Mark J. Bailey wrote: if this is anything like the way HIPAA federalized healthcare data handling, but for EVERY industry, you might want to consider a career change! :-) let's hope this doesn't reach that far (or, better yet, go nowhere at all is my vote). HIPAA also came with a huge implementation ramp up and overhead for the healthcare end of things. I can't imagine how small business owners would survive the weight of something of that scope if applied across the board in this economy. I realize that the article implies a scope that includes mainly larger, public service type entities. But, once the government body is in place, it will be like cancer seeking out more and more niches to occupy. I may agree with you, but the time has passed for discussion. The electorate has spoke and that is the way it is going to be. -- Jerry Perkins Home Page http://www.jperkins.us/ + If your life is a hard drive, Christ can be your backup. + --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~--~~~~--~~--~--~---