Linux · Open Source · security · Work

How to securely and effectively erase a disk with DD


At times we need to clean up our disks for whatever reason, like installation errors, privacy, security or to clean up an infected file you need a special deleting procedure.

Tools like regular delete only remove the inode of the file, which does not touch the data/contents. It is possible to recover these deleted files with simple utility. A secured delete tool like dd will overwrite the disk blocks with zero which makes the recovery impossible

To clean up the entre disk the only way to do it by booting via a boot disk, I prefer a linux boot disk

Getting the tool:

Finding a good boot disk distribution: A disk like this has much use, depending on your requirement like network utilities, virus scan, system recovery etc.

http://www.ultimatebootcd.com/ lists many popular boot disks for such operation

Last time as I have been thought the list I tried out

http://ubuntu-rescue-remix.org ubuntu rescue disk and

http://ubuntu-rescue-remix.org Trinity rescue disk. KNOPPIX is also a good boot disk option for such tools http://www.knopper.net

To make these boot images work from a USB drive “unetbootin” is a good tool http://unetbootin.sourceforge.net/ I don’t prefer using CD boot disk any more.

DD command:

After you are done booting with this disk, make sure you are root

In the command prompt

fdisk  -l

will list you all the disks/partition table something like

[root@workstation ~]# fdisk  -l

Disk /dev/sdb: 107.3 GB, 107374182400 bytes

255 heads, 63 sectors/track, 13054 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

Disk /dev/sdb doesn’t contain a valid partition table

Disk /dev/sda: 8589 MB, 8589934592 bytes

255 heads, 63 sectors/track, 1044 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

    Device Boot      Start         End      Blocks   Id  System

/dev/sda1   *           1          13      104391   83  Linux

/dev/sda2              14        1044     8281507+  8e  Linux LVM

Let’s say we want to clean up /dev/sda1    which is the first portion of the first disk installed in this PC

We can run a command something like this

dd if=/dev/zero of=/dev/sda1 bs=1M # zero out a partation

(WARNING! This will destroy ALL data on the partition)

/dev/zero will generate zeros to wire on the disk

bs=1M option makes dd read and write 1 mebibyte at a time. This makes the whole process a lot faster on any relatively modern system

However Zeroing out the device may not be sufficient, because current disk construction technology allows for inspecting the bytes that were written before the last write operation (which will be easily distinguishable from the zeros). Filling with random data makes it hopeless to try to read the contents, as it will be undistinguishable from the previous content.(Wikipedia)

So if you are really paranoid you may try

dd if=/dev/urandom of=/dev/sda1 # wipe an entire partition with random data

(WARNING! This will destroy ALL data on the partition)

Provided /dev/urandom is available in the system and this will take lots of time as it requires lots of CPU to generate these random numbers

If you would like to clean of the disk inclusive of all partition table

Use /dev/sda instead of sda1 like

dd if=/dev/zero of=/dev/sda1 bs=1M # zero out a drive inclusive of the partition table

(WARNING! This will destroy ALL data on the partition)

Sometimes you only want to clean up the master boot record (MBR)

Use

dd if=/dev/zero of=/dev/sda bs=446 count=1

(WARNING! This will destroy ALL data on the MBR and make can make the partition unusable)

Happy Cleaning

Advertisements

2 thoughts on “How to securely and effectively erase a disk with DD

  1. This is even more true these days with the tracks overlaying each other. Back in the day before we got into Gigabytes on an HD you could still pull some data from the outside of the track even after it was zeroed out. Not anymore with high density platters. Nice!.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s