General discussion
Thread display: Collapse - |
All Comments
Start or search
Create a new discussion
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Drive Forensics
I have several servers that I am taking out of service. I am sure the
customer will ask me about the safety of the data when I brief him. I want
to be sure I know what the risks are. I have 3 cases:
DO CASE
CASE=1: a server, essentually desktop hardware, with a single ATA drive.
I will boot to MS DOS and run the Resource Kit DELPART to delete the NTFS
partition. I belive that only serious forensics will recover the data. Is
this true?
CASE=2: a server with 2 drives on a RAID card, using RAID-1 (Mirrored). I
will use the ROM in the RAID card to delete the logical drive. Is that the
same as the DELPART above? I am a little concerned because with RAID-1 I
have a full set of the data on each physical drive.
CASE=3: a server with 7 drives in a RAID-5 Array. I will use the ROM in
the RAID card to delete the logical drive, and then randomly shuffle the
physical disks between the various servers being sold off. I belive that
since each physical drive in a 7-drive RAID array only has 1/6th of the
data, it should not be able to be reconstructed, even by serious forensics.
Is this true?
ENDCASE
Thanks,
--
Rich McKinney