I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
mark
On 27/08/2010 15:19, m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
I usually use dban but if it's not handy use a liveCD (me usually Ubuntu) and use dd:
Assuming the drive to kill is /dev/sda: dd if=/dev/random of=/dev/sda
Do it a few times for good measure. At work we have a policy of physically destroying drives which grates a little at times.
Hi,
On 27/08/2010 15:19, m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
I usually use dban but if it's not handy use a liveCD (me usually Ubuntu) and use dd:
Assuming the drive to kill is /dev/sda: dd if=/dev/random of=/dev/sda
Do it a few times for good measure. At work we have a policy of physically destroying drives which grates a little at times.
I use shred from a rescue CD (Centos/RHEL/Fedora/Ubuntu). shred -vz -n3 /dev/sda clears the disk nicely (takes some tim though :) )
regards,
Michel
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Friday 27 August 2010, Kevin Thorpe wrote:
On 27/08/2010 15:19, m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
I usually use dban but if it's not handy use a liveCD (me usually Ubuntu) and use dd:
Assuming the drive to kill is /dev/sda: dd if=/dev/random of=/dev/sda
This command will take forever and ever and ever (reads against /dev/random blocks as the kernel runs out of entropy). /dev/urandom would be better but still not very fast.
To get some speed you'd have to do something like: 1) save a megabyte of /dev/urandom in a file 2) while true ; do dd file to dev ; done
Or run some dban-like program instead of dd.
/Peter
On 27/08/2010 15:48, Peter Kjellstrom wrote:
On Friday 27 August 2010, Kevin Thorpe wrote:
On 27/08/2010 15:19, m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
I usually use dban but if it's not handy use a liveCD (me usually Ubuntu) and use dd:
Assuming the drive to kill is /dev/sda: dd if=/dev/random of=/dev/sda
This command will take forever and ever and ever (reads against /dev/random blocks as the kernel runs out of entropy). /dev/urandom would be better but still not very fast.
To get some speed you'd have to do something like:
- save a megabyte of /dev/urandom in a file
- while true ; do dd file to dev ; done
Or run some dban-like program instead of dd.
Times I've done this I've just set it off and walked away. Speed was never a consideration. didn't know about shred though... I'll try that next time (if there ever is one)
This command will take forever and ever and ever (reads against /dev/random blocks as the kernel runs out of entropy). /dev/urandom would be better but still not very fast.
I recently came across a replacement for /dev/urandom called frandom that the author claims is 10x faster on i686 hardware. Based on my own tests within a VMware Player VM, frandom can generate 150MB/s when piped to /dev/null. Tests on writing to disk were a modest 50MB/s which is about all what my laptop's disk can handle.
On 08/27/10 7:33 AM, Kevin Thorpe wrote:
Assuming the drive to kill is /dev/sda: dd if=/dev/random of=/dev/sda
/dev/random is WAY to slow for this. byte at a time, gads, that would take *days* (hint, use bs=65536 next time you use dd to bulk wipe something)
with modern drives, just writing one pass of zeros is plenty good enough. the old much-touted DoD erase pattern dates back from the days of MFM drives where bits were the size of boulders.
Do it a few times for good measure. At work we have a policy of physically destroying drives which grates a little at times.
ditto here. but the reality is, wiping a single 500GB drive can take HOURS, and if you have a whole palette of dead systems, many hours of time digging the drives out, hooking them up to erase fixtures, etc etc, the labor costs would be ridiculous. then you get server racks with SCSI, FC, etc drives, all requiring different sorts of fixtures and having MANY drives in them.
all the drives get yanked, and stored in a bin until the chipper truck arrives, tossed in the chipper and recycled as scrap metal.
m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
*sigh*
Well, my manager actually had some CDs - dban.org only has .iso's for CDs, which I don't know enough to make work with a DVD, so I d/l and burned the new one, 2.2.6 beta, and it's working now. Interesting... before the menu came up, it looked like the display from lshw....
Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused....
mark
m.roth@5-cent.us wrote, On 08/27/2010 10:57 AM:
m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
Now that I've disabled the non-existant floppy drive, at least it does say "to save the log file again, press enter"....
*sigh*
Well, my manager actually had some CDs - dban.org only has .iso's for CDs, which I don't know enough to make work with a DVD, so I d/l and burned the new one, 2.2.6 beta, and it's working now. Interesting... before the menu came up, it looked like the display from lshw....
Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused....
mark
Suggestion, check with your local DRMO (or whatever they are calling themselves now) representative and make sure that you are allowed to send any hard drive with the machine at *ALL*.
Todd Denniston wrote:
m.roth@5-cent.us wrote, On 08/27/2010 10:57 AM:
m.roth@5-cent.us wrote:
I'm trying to nuke a Dell Optiplex GX620. I've got a perfectly good dban 1.0.4 that I've used a bunch of times... but on this machine, it says starting, then dies, saying "dban has finished with non-fatal errors. Check the log for more information" It never gets to the interactive menu.
<snip>
Well, my manager actually had some CDs - dban.org only has .iso's for CDs, which I don't know enough to make work with a DVD, so I d/l and
burned
the new one, 2.2.6 beta, and it's working now. Interesting... before the
<snip>>
Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused....
Suggestion, check with your local DRMO (or whatever they are calling themselves now) representative and make sure that you are allowed to send any hard drive with the machine at *ALL*.
Not my problem - I'm not with DoD, I'm under HHS, and we've got PII and PHI info. I was told, when I started, that this was acceptable. Actually, I was introduced to dban here.
mark
On 08/27/2010 08:25 AM, Todd Denniston wrote:
m.roth@5-cent.us wrote, On 08/27/2010 10:57 AM:
Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused....
Suggestion, check with your local DRMO (or whatever they are calling themselves now) representative and make sure that you are allowed to send any hard drive with the machine at *ALL*.
Concur. As far back as the early nineties when I was in the US Navy the standard for some materials on magnetic media was physical destruction of the media via specified means.
*No* form of media erasure was considered acceptable for them.
Given that modern hard drives can remap damaged sectors automatically, it is quite possible for an 'erased' drive to still have data on it that can't be removed by any software based erasure because it can't be accessed by the OS.
On Fri, 2010-08-27 at 09:17 -0700, Benjamin Franz wrote:
Given that modern hard drives can remap damaged sectors automatically, it is quite possible for an 'erased' drive to still have data on it that can't be removed by any software based erasure because it can't be accessed by the OS.
--- After SET MAX ADDRESS 0x8000 Data can be gotten After SET MAX ADDRESS EXT 0x8500 Data can be gotten again After the drive is restored to factory reset it can NOT.
*GRIN* take a Sledge Hammer to it. Dban at once did not support HPA nor DCO it still may not.
John
Yaa the remapping is done through SMART and is not reliable in data recovery either.
Yaa I can still get the data through the OS Layer, BTW Benjamin
JohnS wrote:
On Fri, 2010-08-27 at 09:17 -0700, Benjamin Franz wrote:
Given that modern hard drives can remap damaged sectors automatically, it is quite possible for an 'erased' drive to still have data on it that can't be removed by any software based erasure because it can't be accessed by the OS.
After SET MAX ADDRESS 0x8000 Data can be gotten After SET MAX ADDRESS EXT 0x8500 Data can be gotten again After the drive is restored to factory reset it can NOT.
*GRIN* take a Sledge Hammer to it.
Yeah, well, the double-hight Cheetah's that we're getting rid of, we have to disassemble, because there are *no* frames for the degausser that fit them. I'm considering bringing in my 1lb sledge for the platters....
Dban at once did not support HPA nor DCO it still may not.
Not sure... don't now about those. I s'pose I should look 'em up. <snip> mark
On 08/27/2010 10:27 AM, JohnS wrote:
*GRIN* take a Sledge Hammer to it. Dban at once did not support HPA nor DCO it still may not.
It still doesn't.
There are just a *lot* of ways for a theoretically 'wiped' drive to not actually be fully wiped.
As you said: Take a sledge hammer to it.
On Friday, August 27, 2010 02:14:52 pm Benjamin Franz wrote:
There are just a *lot* of ways for a theoretically 'wiped' drive to not actually be fully wiped.
As you said: Take a sledge hammer to it.
obFridayHumor
www.harddrivedestruction.com
The videos are worth the look, especially http://www.youtube.com/watch?v=yISqCAnROh8 (it was a good thing I didn't have any drink in my mouth when I saw that one....)
On Fri, 27 Aug 2010 14:40:05 -0400, Lamar Owen wrote: [....]
As you said: Take a sledge hammer to it.
obFridayHumor
www.harddrivedestruction.com
The videos are worth the look, especially http://www.youtube.com/watch?v=yISqCAnROh8 (it was a good thing I didn't have any drink in my mouth when I saw that one....)
Fwiw, I have it on good authority that a .45 ACP will not penetrate a hard drive, but that a .30-06 will.
Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused....
is dban really certified for DOD full sanitization ?
no: http://www.dban.org/node/52 ?
-- Eero
-
Beartooth -
Benjamin Franz -
Drew -
Eero Volotinen -
John R Pierce -
JohnS -
Kevin Thorpe -
Lamar Owen -
m.roth@5-cent.us -
Michel van Deventer -
Peter Kjellstrom -
Todd Denniston