One Unified Global Perspective
Communications with a Global Perspective
Home
Intro
Contact Us
Voice over IP
PBX Solutions
Services
Support
Glossary
Open Source
Blog
Forum
WebMail




Root :: Open Source :: Linux

2009 Jun 27 - Sat

Securely Erasing Files

On a Linux system, there are a number of tools available for over-writing a file with random data and then deleting the file and hiding the name of the name of the file as well.

Of course, there are certain caveats that go along with this. If you focus only on securely deleting files, you will miss file content that may have been written to bad sectors, file journals, sectors released when files have been relocated from one area to another (as in when you edit or shorten files), and various other disk dead areas.

On popular tool is a utility called shred, and is found natively on most distributions. In the most basic form: 

shred --remove filename

If you use the -v (verbose) option, you can see how many times it over-writes a file, and with what patterns it uses. It also uses a descending 0 write in order to obliterate a file name.

If you need to recurse sub-directories: 

find * -depth  -type f | xargs shred --remove

If you have created then moved or erased files and want to ensure that the released content is overwritten, then you need to over-write drive free space and then release it. There are some poeople who suggest using dd to fill the free space and then use shred to overwrite and delete the single large file.

An alternative is to use scrub, a tool built by the Lawrence Livermore National Library folks. It uses various national standards for selecting suitable patterns and over-writing strategies. Source can be found at Sourceforge.

A quick way to apply all 0's to the free space of a drive: 

dd if=/dev/zero of=zerofile bs=1M
sync
rm zerofile

If you can't get scrub to work, then the above command with the shred might be a good combination.

To ensure you have all the data, not just what was located in files or drive free space, one needs to apply scrub/shred to whole partitions and/or drives. The Gentoo Wiki talks about ways of securely deleting drives and partitions.

For near-absolute protection of data, I've known companies to specify that once a drive is no longer useful, that it be crushed and sent to landfill.


Blog Content ©2009
Ray Burkholder
All Rights Reserved
ray@oneunified.net
(441) 505 7293
Available for Contract Work
Resume

RSS: Click to see the XML version of this web page.

twitter
View Ray Burkholder's profile on LinkedIn
technorati
Add to Technorati Favorites



June
Su Mo Tu We Th Fr Sa
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        


Main Links:
Monitoring Server
SSH Tools
QuantDeveloper Code

Special Links:
Frink

Blog Links:
Sergey Solyanik
Marc Andreessen
HotGigs
Micro Persuasion
... Reasonable ...
Chris Donnan
BeyondVC
lifehacker
Trader Mike
Ticker Sense
HeadRush
TraderFeed
Stock Bandit
The Daily WTF
Guy Kawaski
J. Brant Arseneau
Steve Pavlina
Matt Cutts
Kevin Scaldeferri
Joel On Software
Quant Recruiter
Blosxom User Group
Wesner Moise
Julian Dunn
Steve Yegge
Max Dama

2009
Months
Jan Feb Mar
Apr May Jun
Jul Aug Sep
Oct Nov Dec




Mason HQ
Request Further Information
 Suggestions may be sent to our Webmaster
©2009 One Unified.
Disclaimer: This site may include market analysis. All ideas, opinions, and/or forecasts, expressed or implied herein, are for informational purposes only and should not be construed as a recommendation to invest, trade, and/or speculate in the markets. Any investments, trades, and/or speculations made in light of the ideas, opinions, and/or forecasts, expressed or implied herein, are committed at your own risk, financial or otherwise.