Disk Blasting 101 with Linux

How To: If all you want to do is be 99.9999 percent sure that there's no data left on your drives, DBAN (Darik's Boot and Nuke) is for you. (Linux-Watch.com)

There are times when you really, really want to make sure that theres not one shred of readable data left on your drives. For those times, you need a blast furnace.

But, if all you want to do is be 99.9999% sure that theres no data left on your drives, DBAN (Dariks Boot and Nuke) is for you.

If this sounds unlikely, think about it for a second. Have you ever gotten rid of an old computer? Did you ever think that the next user might dig into it to get your old files, like say, your financial records? Your diary? Your porn collection!?

Dont think, by the way, that simply trashing your dusty old 60MHz Pentium will make sure your data wont be looked at until the archaeologists of 2505 dig it up. I know one trash guy who makes a nice little chunk of change pulling out PCs and the like from his garbage runs and selling the bits and pieces that still work.

Or, say you have a completely fouled up hard drive, and nothing, I mean nothing, can bring it back to life. Its for times like this that DBAN can be exactly what you need.

This program goes to great extremes to make sure that nothing on any modern Windows, Mac OS, or Linux drive can survive its many ways of wiping out a disk.

Yes, you could do a fast and dirty job with the common Linux commands, dd or shred, but comes close to what DBAN can do.

I know for a fact, because Ive done it, that I can rip data off disks that have been dded or shredded. I really doubt that I could bring files up on a drive thats been DBANed to a fare-thee-well.

If you want to know more about exactly how DBAN works, check out the excellent NewsForge article, Dariks Boot and Nuke: A great tool for obliterating your data, by Lee Spain.

There are a few things it cant wipe. Of those, SCSI-based RAID is the only one I suspect most users are ever likely to run into. It also doesnt delete data contained in newer IDE drives HPA (Host Protected Area).

Typically, an HPA only holds a vendors support data. Your own data should never be in there, unless youve gone to extremes to place it there in the first place. And, if you can do that, then you should already know how to blow it away.

If you really must peek into the HPA anyway, the best tool I know of for the job is The Sleuth Kit and its GUI, Autopsy Forensic Browser. This is an open-source set of Unix tools that runs on most Unixes and Linuxes.

Together, these programs make an outstanding, comparatively easy-to-use digital forensics toolkit. If you want to know whats really on your hard drives in fine detail, I havent seen any better programs.

/zimages/1/28571.gifRead the full story on Linux-Watch: Disk Blasting 101 with Linux

/zimages/1/28571.gifCheck out eWEEK.coms for the latest open-source news, reviews and analysis.