Cleaning a Disk with dd

Lets say that you have an old system sitting around that you want to give to a friend or to a charity. The system itself is fine, but you had been using it for keeping track of your personal finances. You had several personal bits of information on there (credit card numbers, account numbers, ssn, etc.). How do you make it safe to hand this off?

If you have a USB enclosure and a Mac around it is easy. Disk Utility included with the Mac will erase that drive, just select the 7 (or for the ultra paranoid 35) times overwrite option. But lets say that you don’t have a Mac and you don’t want to spend money on a application to do it. But you have a good old faithful linux system.

Personally, I am a little more paranoid than average and don’t want to trust a single wipe. But on the other hand, I have found few times that a real 7 pass or 35 pass wipe is needed. In order to satisfy a 3 pass wipe, there are a couple of variations that you can use:

Variation 1 (leaves bits in a random state)

  1. Zero the drive
  2. One the drive
  3. random the drive

Variation 2 (Leaves bits as zeros)

  1. random the drive
  2. One the drive
  3. Zero the drive

Both of these set all bits to both positions & a random. Personally I like the variation for security, but it depends on what the final application will be. If the final drive will be encrypted variation 1 is preferable, if not I like 2 because the starting state of the bits would be more difficult to ascertain.

Since this can take many hours, there are also some options to get the status.

Anyway here are the commands:

First figure out what your drive is, note you cannot use the system drive that you are
 running on. For this example we will say that it is /dev/sdd. You can do just a 
 partition, but this may not be as secure.

Random:
dd if=/dev/urandom of=/dev/sdd bs=4096

Zero:
dd if=/dev/zero of=/dev/sdd bs=4096

Ones:
perl -e 'print chr(0xFF) while(1);' | dd of=/dev/sdd bs=4096


Status (on linux):
- to make dd pause and print it status, get the pid (ps aux | grep dd), then
# kill -s USR1 <PID>

To Test the drive:
# dd if=/dev/sdd bs=1 count=10 skip=600000000000 | hexdump -C
(this will skip a head to the 600GB & show 10 hex characters)

If something fails and you need to resume, use the test above to figure out where to 
 start. Then add a seek criteria to the dd command (make sure to divide by 4096 to 
 get the location)
# perl -e 'print chr(0xFF) while(1);' | dd of=/dev/sde bs=4096 seek=146484375
(will restart writing ones at the 600GB)

Note: there is nothing particularly special about 4096, I have just seen this used as 
a good size (bs) for writing to modern hard drives and is faster than the 512 default.

Of course you could always just use a tool like Darik’s Boot & Nuke @ Source Forge, but what fun is there in that?
(http://www.cmu.edu/iso/tools/data-sanitization-tools.html)
http://www.linux.com/archive/feature/48092

Using Screen

Until recently, I had never used screen. Now I love it! Screen is awesome.

In short, screen is a virtual terminal session that allows multiple windows within a single ssh session. It also maintains your session if you lose a connection.

start screen:
$ screen

to create a new window:
cntrl-a c

to exit a window:
$ exit

to switch windows:
cntrl-a n   (next)
cntrl-a p   (previous)

help
cntrl-a ?

to detach your session from screen:
cntrl-a d

to find a screen session:
$ screen -ls
There is a screen on:
	6173.pts-1.localhost	(Detached)
1 Socket in /var/run/screen/S-root.

to reattach to a screen session:
$ screen -r
OR
$ screen -r 6173.pts-1.localhost

http://www.rackaid.com/resources/linux-screen-tutorial-and-how-to/
http://www.howtoforge.com/linux_screen
http://linux.die.net/man/1/screen