Need something for disk erasure

Status
Not open for further replies.

tekinept

MIS
Oct 22, 2002
24
US
Have a gov contract that requires some report or verification that when a drive is removed, there is a full report stating that fact. It also should be able to remove all the data from the drive (not just removing an LV).
I don't remember any way that AIX allows something like that, anyone have any ideas or apps they could point me to?
 
You need an application like S-Delete that scrubs the data completely using the DoD or Gutmann methods.
 
DoD specs is exactly what I need. Looks like S-Delete is a win only app.... I would like to have used a bulk erase, but they won't use that here.
 
Try WIPE; it is free. It uses Gutmann's erase patterns, erasing single files and accompanying metadata or entire disks.
 
run diag

somewhere beyond Task Selection->Format Media there's a utility for overwriting a hard drive with up to three different bit patterns on three passes. I've used it before to clear disks on a decommissioned machine.

As I kinda like my disks the way they are, I'm not going to poke around any further to find the exact location in diag, but it's there. I seem to recall it had a non-obvious name, so you may have to look around a bit. It'll give you a screen for selecting the number and form of patterns, so you'll know when you've found it.



Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

 
three different bit patterns on three passes.

Didn't you read that he needs to meet DoD standard because he is a gov't contractor?
 
Unless he's got TOP SECRET rated data, which would probably have him in trouble for starting this thread, the AIX utility may work just fine.

If the contract calls for the disk to be CLEARED, then running just one bit pattern will meet DoD 5220.22-M specifications.

I know the third pattern option was random, and I'm pretty sure the first two were complements of each other. I'd be surprised if they weren't, as IBM certainly has a few customers with government contracts, not to mention a few government contracts of their own.

If the contract calls for them to be SANITIZED, using all three passes (if they are as I recall) will meet DoD 5220.22-M specifications. Certainly worth checking before laying out any cash.

My personal favorite sanitizing method is the three way wipe followed by good old physical destruction.

To be truly secure, you must grind it into a fine powder, toss it to the wind, and hope that entropy takes care of the rest. While cathartic, this is usually cost prohibitive. :)





Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+
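The three-pass overwrite described in the post above (a pattern, its complement, then random data), with a read-back check and the kind of per-drive report the original question asks for. This is an added example, not code from the thread and not the AIX diag utility; the 0x55/0xAA pattern values, the report fields and the function names are assumptions.

```python
import hashlib, json, os, tempfile, time

CHUNK = 1 << 20  # 1 MiB per write

# Pass order as recalled in the post: a pattern, its complement, then random.
# The byte values 0x55/0xAA are assumed; the thread does not give them.
PASSES = [
    ("pattern 0x55", lambda n: b"\x55" * n),
    ("complement 0xAA", lambda n: b"\xaa" * n),
    ("random", os.urandom),
]

def run_pass(f, size, make_block):
    """Overwrite the whole target once, then read it back; return both digests."""
    written, readback = hashlib.sha256(), hashlib.sha256()
    f.seek(0)
    for off in range(0, size, CHUNK):
        block = make_block(min(CHUNK, size - off))
        f.write(block)
        written.update(block)
    f.flush()
    os.fsync(f.fileno())  # push the pass out before verifying
    f.seek(0)             # note: the read-back may be served from the OS cache
    for off in range(0, size, CHUNK):
        readback.update(f.read(min(CHUNK, size - off)))
    return written.hexdigest(), readback.hexdigest()

def wipe(path, passes=PASSES):
    """Run every pass over `path` and return a report dict for the record."""
    report = {"target": path, "passes": [],
              "started": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())}
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)  # works for regular files and block devices
        report["bytes"] = size
        for name, make_block in passes:
            w, r = run_pass(f, size, make_block)
            report["passes"].append({"pass": name, "sha256": w, "verified": w == r})
    ok = all(p["verified"] for p in report["passes"])
    report["result"] = "PASS" if ok else "FAIL"
    return report

if __name__ == "__main__":
    # Constructed stand-in for a disk: a temporary file with sample content.
    with tempfile.NamedTemporaryFile(delete=False) as t:
        t.write(b"contract data " * 1000)
    print(json.dumps(wipe(t.name), indent=2))
    os.remove(t.name)
```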

 
If he had TOP SECRET or above then DoD calls for the complete destruction (i.e., grind it to powder), as you noted. However, three or fewer passes is not acceptable for scrubbing government data.

The IL state gov't data security act requires 10 scrubs.

But even if data has been thoroughly overwritten, you may still be able to recover some of it as the magnetization patterns on the hard disk surface are often still visible. 35 is generally accepted as secure as it gets.
 
I have no top secret clearance, and this is not a facility that really needs top secret, however, it is part of the DoD. They did not require the DoD standard, or state that exactly. However, since they asked (or told us to have it), they probably do need to stay in DoD spec, at least this will keep them off my back or coming back requesting it to be at that level of security.
We actually have a few of these types of contracts, this is the first to ask for it.
I used to work for IBM, and the truly top secret government facilities went nuts with this sort of thing, using a wipe, then bulk eraser, and for good measure, basically melted the drive.
Like I said, they want us to have a report and documentation that we 'guarantee' no data is left for exposure, and I'm really trying to cover my butt.
 
My experience with IBM and DoD, the DoD pay for the replacement disk (so they can hang on to the failed one) then they pay another company to put a "big hammer" through the failed disk.
I don't know if they crush or degauss it but they are the ones with the "certificate" to "dispose" of the disks.
 