From: John Rams (johnrams@cox.net)
Date: Sun Aug 10 2003 - 15:04:30 EDT
RE: Destroying a Solaris system - for Fresh installThanks to all responded.
Sorry for the delayed summary as i am too busy destroying few systems! Here
are some of interesting answers, thanks so much for all the information
given.
- If all you want is a clean install, just partition the disk and tell
Solaris to do an initial install, and not preserve
anything.
- If you really need to wipe out to make sure no one can read the raw disk
(or whatever) and get old bits, do a
"boot cdrom -sw", at the "ok" prompt, then run format select the disk, and
go to analyze->purge. Once the
purge is complete, the disk (except for altered bad blocks) is clean.
Repeat for each hard drive in the system that you
want to wipe clean.
-The installer will re-install over the old data but if you are truly
paranoid boot from cd and repartition to one slice. Then
dd if=/dev/zero of=/dev/dsk/c0t0d0s0
- The "best" way without use of outside hardware would be to:
1) Boot into single-user mode via the SUN cdrom or via a network
jumpstart
boot cdrom -- -s
2) Once you have booted and have the prompt, what you will want to do
is clean out the disk devices. Assuming you have written down the
device paths, perform the following:
dd if=/dev/zero of=/dev/rdsk/c$$t$$d$$s2 bs=1048576
(where $$ are the appropriate values of your device)
3) Run the format command and perform a destructive read/write test on
the disk
format
<select one of the disks to start working on>
analyze
purge
<then do what you need to to confirm the selection and wait>
Notes:
Repeat steps 2-3 as needed for each device or multiple times for each
device depending on whether you are working with a government
installation or not.
The reason why you need to boot from a CDROM or other device other
than the system's internal/external disks is because during the
cleaning process, critical system files will be wiped out and the
commands will stop functioning, leaving large parts of the disk
recoverable.
The process can take a while depending on the speed of the disks and
their size. I would say for step #2, it will typically take 30minutes
to 2 hours for 2GB -18GB disks with SCA-80 scsi connections.
The format command is somewhat more thorough and will take 2-3 hours
minimum. Ie, start it and then go do something else for a while.
-The install procedure (ok boot cdrom) will newfs
(create a new filesystem) which will destroy the
previous filesystem. If you want to rewrite every
sector on the disk you could boot off cdrom then run
the format command. You'll see options for analyzing
the disk destructively.
- The only other way of completely removing data from a hard drive is to
degauss it and that is expensive.
-If you are concerned about "cleansing" the disk, as to remove sensitive
data than I would mount the disk in another system or from cdrom and run
-
# dd if=/dev/zero of=/dev/dsk/c0t0d0s2 bs=65536
this will write all zeros on the disk to "cleanse" the disk.
But if you just want a fresh install, this isn't necessary. Just run a
newfs on each slice to clear the data. This will create new superblocks
and make all of the space available for writing and you can do a fresh
install.
-Try bcwipe from jetico.
It will slick your drive(s) clean.
- If you mean 'no data should remain' in a 'classified information sense',
then the easy answer is you can't. Short of rendering a disk completely
unusable, you cannot guarantee removeal of all data.
If you mean in a 'format the disk' sense, a quick RTFM will point you
towards the command 'newfs' which is basically a format.
- i use the solaris install cd-rom to boot into single-user and then use
'dd' to ``zero out'' the disk
e.g.
ok> boot cdrom -s
# dd if=/dev/zero of=/dev/rdsk/c0t0d0s2 bs=1024
-Then it depends entirely on the strength of what you mean by "no data".
If you overwrite the first few blocks of the disk
'dd if=/dev/zero of=/dev/rdsk/<disk>s2 count=50, you will nuke the VTOC
(where the partitions are) along with the superblock in the first
partition. That would cause many casual users to not find items. You
could also simply 'newfs' all the partitions.
You could 'dd' the entire disk with zeros
'dd if=/dev/zero of=/dev/rdsk/<disk>s2 bs=128k'
That would keep anyone from putting the disk in a machine and scanning
for data which could be potentially reassmbled.
You could use 'format' -> analyze -> purge to write bit patterns on the
disk multiple times. That would keep some with the skills to read the
platters outside of the standard interface from seeing the old residual
patterns. However there are many organizations with the ability
retreive the older data.
The only 100% effective method would involve physical destruction of the
media. Easiest would be destruction by fire, heating the platters to
the point that they become demagnetized.
Regards
John
-----Original Message-----
From: johnrams@cox.net [mailto:johnrams@cox.net]
Sent: Tuesday, July 29, 2003 1:59 PM
To: sunmanagers@sunmanagers.org
Subject: Destroying a Solaris system - for Fresh install
What is the best way to destroy all data, partitions and render a working
system unusable. This is to do a fresh install and no data should remain on
the system.
Thanks
John
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:55 EDT