Darik's Boot and Nuke tool
Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and IT Security blogs.
To see which wiping option is most appropriate for your needs, have a look: http://dougvitale.wordpress.com/2012/01/26/dariks-boot-and-nuke/ Be advised that the more secure of a "nuking" process you choose, the more time you will need to allow DBAN to run (could take a day or more).
How can I modify DBAB's syslinux.cfg file so that it runs on boot without further input? I know I will have to remaster the ISO image too. Can anyone tell me what software I may need or where to find the source code? You can post or send me an email at email@example.com. I would be thankful for any help.
When using autonuke from a boot disk will it erase all drives, just the primary, or what? Can someone email a response to: firstname.lastname@example.org? Thanks
It works, it is simple to use and I have yet to hear of it failing to do what it says it does except in the case of a hardware failure. Most people do not even need to go any further than issuing the autonuke command and letting it do its thing, just make sure that any drives you don't want wiped are unplugged from the machine.
Software wipes still doesn't take care of all the "protected" sectors on the HDD... nor wipe any bad sectors... it also fails to wipe defective drives that tend to malfunction when the drive warms up as it takes hours to do. The "Secure Erase" command built into each drive is still the best method... either boot Linux, and power cycle the HDD (to bypass motherboard BIOS locks), and set a password, and invoke the Secure Erase via issuing HDPARM commands Secure Erase can wipe the drive's protected sectors, and in my experience while the drive is still cold before it has a chance to warm and lock-up. Or boot the MHDD tool (power cycle the drive) and use "pwd" to set a password then issue "fasterase" command to invoke Secure Erase. 80GB drives wiped to NIST standards in less than 20min... doesn't get any better than that. Using Knoppix, I was also able to PXE boot into the console directly, and wipe multiple PCs on an isolated hub/switch w/o messing with boot-CDs... and only had to power cycle the HDD to invoke Secure Erase. I had minor issues with Samsung HDDs on Linux, but the MHDD tool took care of what Linux couldn't... =) My company has recently purchased CPR Tools' "Hammer" device to wipe drives, no more power cycling HDDs to use Secure Erase... simply plug and wipe... =D How to use Linux and HDPARM: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase NIST 800-88 document: http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf MHDD info: http://hddguru.com/software/2005.10.02-MHDD/ Hammer by CPR Tools: http://www.bing.com/search?q=cpr+tool+hammer
I've been using this tool for years. Glad to see it finally moved past DBAN 1.0.7. That version was around for ages and had no support for AHCI or some newer SATA technologies and would display errors at boot, so I was forced to use things like Active Killdisk. Looks like DBAN has been updated heavily.
We've been using DBAN for years as it's a good program. Kudos to TR for listening to its members! EMD
Does this program actually perform a data overwrite?You really can't "wipe" a drive and expect the info to be gone. It must be overwritten with nonsense data, like XXXXs and OOOOOs. Most companies now-a-days (epsecially in sensitive data industries like finance or healthcare) require DOD3 (Dept. of Defense 3 time overwrite) or even DOD7 to ensure their data isn't vulnerable and cover their risk.
I hadn't thought of power cycling the drive, duh! Good links too, BTW. Thanks for that. I always appreciate the random opportunity to learn something or wipe the cobwebs away...
I too have been using DBAN for years. Recently I had reason to crank it up and wondered about some of the other drives that I had pulled for one reason or another. Some of them were marked with a felt tip pen.. won't boot, not recognized in BIOS, or not recognized in Win Explorer. When my original wipe finished I plugged in one of the old pulls. DBAN churned away and when finished, I plugged in another one. The two of them worked fine so I kept wiping anything I found in the junk box. Drives as small as 3.1GB, 8.2GB, all the way up to 80GB, and 120GB. When I finished wiping all, I had 19 working drives and two that were actually junk. DBAN may save some of the junkers that you have kicking around, waiting for the eRecycler to show up??
Is there anyway to use the Gutman wipe and still preserve the re-installation partition in a DELL pc, for example. Or is DBAN blind to partitioning and MBR separations.
if you read through the sections it tells you that it performs Data overwrite. how complex, and how many "passes" depends on your selection.
against efforts to retrieve data with the majority of the commercially available data recovery tools. Now, that said, nobody can say unequivocally that this will prevent anyone from ever reading your data from these disks. (I wouldn't put it past some Gov't agencies to be able to work around it). if you want to be able to say THAT for certain, you have to resort to the physical destruction of the device (boiling, drilling holes, sledge-hammer action, etc). But unless you're truly paranoid, yes, this should work for you (they meet industry due-diligence requirements).
I use a soft cloth, to wipe the drives in my computers when they are getting dust and cobwebs on them . Maybe a vacuumcleaner could do the job too.
with drive utilities from various manufacturers. Just writing zero fills, can recover a drive that flunked all other tests. I had a SATA drive like that, and I suspect the drive was riddled with malware that placed themselves in hidden areas marked damaged by the malware themselves. It can be very difficult to get rid of them when they dig deep like that. After doing this with the diagnostic tool(Disk Wizard), in this case, I was able to do a standard format with the factory utility and recover the drive. It is still operating to this day. This after SMART reported the drive was going to fail, and the regular diagnostic reported eminent failure! If I remember correctly, I had to do a very long diagnostic to get the geometry right; after that, everything I did to it improved the test reports. I pulled another drive from the same customer who was using Windows ME on an older PC, and it was riddled with malware also. I'm hoping the Gutman wipe is just as effective. (edited)After researching this, I realize the Gutman wipe may be obsolete - will stick with IIRC.
I'm sure a soft cloth will do nicely to wipe a drive but beware of using a vacuum near a computer! Depending on the power of the vacuum cleaner, your results may be unsatisfactory? A powerful machine tends to tip over all the 1's on the drive so the they align end to end and cause a continuous hum when the drive is running. I've never noticed a problem with the 0's though......... YMMV!