* RE: Linux Wipe Disk Utility
@ 2003-08-13 22:07 Tomás Palmer
2003-08-13 22:57 ` Joseph A Nagy Jr
0 siblings, 1 reply; 5+ messages in thread
From: Tomás Palmer @ 2003-08-13 22:07 UTC (permalink / raw)
To: 'Lugg William H Civ OO-ALC /MASFE',
'SELinux@tycho.nsa.gov'
Well for Windows there are a lot of U.S. DOD 5220.22 compliant HDD
scrubbers. Do a quick search for Linux data scrubbers but here is something I
found and there are very pricey versions available
http://wipe.sourceforge.net/
-----Original Message-----
From: Lugg William H Civ OO-ALC /MASFE [mailto:William.Lugg@CISF.AF.MIL]
Sent: Wednesday, August 13, 2003 12:29 PM
To: 'SELinux@tycho.nsa.gov'
Subject: Linux Wipe Disk Utility
We are currently exploring an Open Source approach to an application we
maintain that is currently hosted under Windows 95 in MS Access. One of the
requirements is to provide a way to zeroize the classified HDD at operator
request. Is there an NSA certified utility to do this job under Linux? I
assume that some component of SELinux might do this job for us.
Thanks.
----------------------------------------------------------------------------
-------------------------------
Bill Lugg
Software Engineer,
MilStar AF Command Post Terminal Software Support
OO-ALC/TISFE, Peterson AFB, CO
William.Lugg@cisf.af.mil or wlugg@sysmatrix.net
The only difference between a tax man and a taxidermist is that the
taxidermist leaves the skin. -- Mark Twain
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov
with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Linux Wipe Disk Utility
2003-08-13 22:07 Linux Wipe Disk Utility Tomás Palmer
@ 2003-08-13 22:57 ` Joseph A Nagy Jr
2003-08-13 23:45 ` Russell Coker
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Joseph A Nagy Jr @ 2003-08-13 22:57 UTC (permalink / raw)
To: 'SELinux@tycho.nsa.gov'
On Wednesday 13 August 2003 17:07, Tomás Palmer wrote this in an attempt
to be witty and informative:
> Well for Windows there are a lot of U.S. DOD 5220.22 compliant HDD
> scrubbers. Do a quick search for Linux data scrubbers but here is
> something I found and there are very pricey versions available
> http://wipe.sourceforge.net/
<snip>
Unless I'm mistaken, files on ext3 have their inodes automatically
zeroed out upon file deletion. If this is the case, the above solutions
are entirely unnecessary (at least the Linux ones).
- --
Wielder of the mighty +1 LARTsaber of Unsubscribe Instructions At End of
Message, the +3 Clue-by-Four of No Attachments to a Mailing List, and
the -4 Shield of No Spell Checker. http://jan-jr-ent.homelinux.org
http://joseph-a-nagy-jr.homelinux.org http://mc-luug.homelinux.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Linux Wipe Disk Utility
2003-08-13 22:57 ` Joseph A Nagy Jr
@ 2003-08-13 23:45 ` Russell Coker
2003-08-13 23:50 ` Dan Anderson
2003-08-14 0:03 ` OT: " James Griffin
2 siblings, 0 replies; 5+ messages in thread
From: Russell Coker @ 2003-08-13 23:45 UTC (permalink / raw)
To: Joseph A Nagy Jr, 'SELinux@tycho.nsa.gov'
On Thu, 14 Aug 2003 08:57, Joseph A Nagy Jr wrote:
> Unless I'm mistaken, files on ext3 have their inodes automatically
> zeroed out upon file deletion. If this is the case, the above solutions
> are entirely unnecessary (at least the Linux ones).
This has little to do with SE Linux, but your message above may mislead people
so I think I need to respond.
Inodes are not blanked on "deletion". In Unix Inodes are not deallocated
while a process is using them, so often an Inode stays around until shutdown
time because one process is using it (this is the cause of "df reports no
free disk space but du says hardly any space is used" which confuses so many
people).
If a process runs in the background and keeps a file open then it is possible
that fsck will resurrect the file in lost+found if reset is pressed (if a
machine is hacked it's strongly recommended that you pull the plug so you can
force this to happen with debugfs).
Even when the Inode is cleared your troubles aren't over, the data blocks on
disk are not cleared so inspecting the raw disk contents can reveal the data
(there are many companies that specialise in such work, I can recommend a
friend off-list if people need such work).
On ext3 the "s" attribute allows zeroing a file on deletion, but recall that
such deletion does not happen while a file is in use. Also the "s" attribute
has to get applied to all the things you want it applied to (which may be
difficult).
There is a need for doing better things for data protection on Linux than just
relying on the base OS functionality. Setting the "s" attribute and using an
encrypted file system with the key stored on removable media may do the job.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
^ permalink raw reply [flat|nested] 5+ messages in thread
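An added example, not part of the message above or any poster's code: it shows on Linux that an unlinked file stays allocated and readable while a process holds it open, which is the behaviour behind the df/du mismatch described there. The function names are hypothetical and the sample file is constructed.

```sh
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.
# Linux only: relies on the /proc/PID/fd symlinks.

# Print "FD<TAB>original path" for every unlinked file PID still holds open.
list_deleted_open() {   # list_deleted_open PID
    sfx=' (deleted)'    # suffix the kernel appends to unlinked targets
    for fd in /proc/"$1"/fd/*; do
        tgt=$(readlink "$fd" 2>/dev/null) || continue
        case $tgt in
            *"$sfx") printf '%s\t%s\n' "${fd##*/}" "${tgt%"$sfx"}" ;;
        esac
    done
}

# Read the still-allocated data blocks back through the open descriptor.
read_deleted() {        # read_deleted PID FD
    cat /proc/"$1"/fd/"$2"
}

# Constructed demo: hold a file open on fd 9, unlink it, then look for it.
demo=$(mktemp)
printf 'constructed sample data\n' > "$demo"
exec 9< "$demo"
rm -f "$demo"
[ -e "$demo" ] || echo "name is gone: $demo"
list_deleted_open $$          # fd 9 still references the inode
read_deleted $$ 9             # the contents are still readable
exec 9<&-                     # closing the last descriptor frees the inode
```
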
* Re: Linux Wipe Disk Utility
2003-08-13 22:57 ` Joseph A Nagy Jr
2003-08-13 23:45 ` Russell Coker
@ 2003-08-13 23:50 ` Dan Anderson
2003-08-14 0:03 ` OT: " James Griffin
2 siblings, 0 replies; 5+ messages in thread
From: Dan Anderson @ 2003-08-13 23:50 UTC (permalink / raw)
To: SELinux
----- Original Message -----
From: "Joseph A Nagy Jr" <joseph_a_nagy_jr@charter.net>
> Unless I'm mistaken, files on ext3 have their inodes automatically
> zeroed out upon file deletion. If this is the case, the above solutions
> are entirely unnecessary (at least the Linux ones).
Inodes are not sufficient (unless ext3 is using really odd terminology,
inodes are essentially just collections of pointers to data blocks), you
need to wipe all of the data blocks, as I recall 3x, once with all 1's, once
with all 0's and once random (or a char and its complement, and then
random).
My initial thought would be to use dd and /dev/zero, and /dev/random or
something along these lines (although, this would probably not be 100%
(blocks marked bad, and the alternate pool would also probably need wiped)).
We used to keep bootable floppies with "flush" on them for this purpose.
Which might suit your needs also.
Dan Anderson
^ permalink raw reply [flat|nested] 5+ messages in thread
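An added example, not part of the message above or any poster's code: the three passes it describes (all 1's, all 0's, random) done with dd against a constructed 1 MiB scratch image, with a read-back check after each fixed pattern. The function names are hypothetical, /dev/urandom stands in for /dev/random, and, as the message notes, blocks marked bad or remapped to the alternate pool are not reached this way.

```sh
#!/bin/sh
# Added example, not code from the thread. All function names are hypothetical.

# Emit exactly SIZE bytes of the fill pattern KIND.
# /dev/urandom is used in place of the /dev/random named in the message,
# because /dev/random can block on older kernels.
pattern_stream() {      # pattern_stream SIZE KIND
    case $2 in
        ones)   head -c "$1" /dev/zero | LC_ALL=C tr '\000' '\377' ;;
        zeros)  head -c "$1" /dev/zero ;;
        random) head -c "$1" /dev/urandom ;;
        *)      return 2 ;;
    esac
}

# Count the bytes in TARGET that are NOT the given octal byte value.
count_other_bytes() {   # count_other_bytes TARGET OCTAL
    LC_ALL=C tr -d "\\$2" < "$1" | wc -c | tr -d ' '
}

# Overwrite TARGET in place; conv=notrunc keeps dd from truncating it first.
wipe_pass() {           # wipe_pass TARGET SIZE KIND
    pattern_stream "$2" "$3" | dd of="$1" bs=64k conv=notrunc,fsync 2>/dev/null
}

# The three passes from the message, reading back the two fixed patterns.
wipe_three_pass() {     # wipe_three_pass TARGET
    size=$(wc -c < "$1" | tr -d ' ')  # on a block device: blockdev --getsize64
    wipe_pass "$1" "$size" ones   || return 1
    [ "$(count_other_bytes "$1" 377)" -eq 0 ] || return 1
    wipe_pass "$1" "$size" zeros  || return 1
    [ "$(count_other_bytes "$1" 000)" -eq 0 ] || return 1
    wipe_pass "$1" "$size" random || return 1
    [ "$(wc -c < "$1" | tr -d ' ')" -eq "$size" ]
}

# Constructed 1 MiB image with a marker string, standing in for a disk.
make_demo_image() {     # make_demo_image PATH
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    printf 'CONSTRUCTED-SECRET-MARKER' |
        dd of="$1" bs=1 seek=4096 conv=notrunc 2>/dev/null
}

img=$(mktemp)
make_demo_image "$img"
echo "marker hits before: $(grep -a -c 'CONSTRUCTED-SECRET-MARKER' "$img")"
wipe_three_pass "$img" && echo "three passes verified on $img"
echo "marker hits after: $(grep -a -c 'CONSTRUCTED-SECRET-MARKER' "$img" || true)"
rm -f "$img"
```
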
* OT: Re: Linux Wipe Disk Utility
2003-08-13 22:57 ` Joseph A Nagy Jr
2003-08-13 23:45 ` Russell Coker
2003-08-13 23:50 ` Dan Anderson
@ 2003-08-14 0:03 ` James Griffin
2 siblings, 0 replies; 5+ messages in thread
From: James Griffin @ 2003-08-14 0:03 UTC (permalink / raw)
To: Joseph A Nagy Jr; +Cc: 'SELinux@tycho.nsa.gov'
Joseph A Nagy Jr wrote:
> <snip>
>
> Unless I'm mistaken, files on ext3 have their inodes automatically
> zeroed out upon file deletion. If this is the case, the above solutions
> are entirely unnecessary (at least the Linux ones).
You are correct about the ext3 inodes, but you are mistaken about the
protection this offers. Google for the Sleuth Kit and Autopsy for
information on file recovery tools.
This thread is getting off topic for the SELinux list.
> - --
[snip]
^ permalink raw reply [flat|nested] 5+ messages in thread