Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cyber Security Awareness Month - Day 16 - Securing a donated computer

Published: 2010-10-15
Last Updated: 2010-10-16 20:38:15 UTC
by Guy Bruneau (Version: 1)
9 comment(s)

Day 16 ends week two of the Cyber Security Awareness Month. If you happen to get a computer that was donated to you, it is important to trust the software that is installed on it.

Formatting a computer does not erase the data. Before using the computer, it is recommended to completely wipe the hard drive and install from trusted medias. These two programs can be used to wipe a drive: WipeDrive (commercial only) and Active @ KillDisk (free and commercial). If you are familiar with Linux, you can also use dd or cp with /dev/zero or /dev/urandom.

Note that WipeDrive SystemSaver can wipe the data and keep the operating system intact but it cost $39.95.

Wiping with dd or Linux copy (free solution)

Boot with a Linux CD/DVD and one of these methods can be used to wipe a drive:

- cp /dev/zero /dev/hda or cp /dev/zero /dev/sda
- dd if=/dev/urandom of=/dev/hda or dd if=/dev/urandom of=/dev/sda
- dd if=/dev/zero of=/dev/hda or dd if=/dev/zero of=/dev/sda


The final step is to reinstall the operating system and all your favorite software from trusted clean medias.

If you know other method for wiping clean a donated computer, you can share them via our contact form.
 

Update 1: Eraser is a tool for Windows to remove sensitive data from a drive and Terence indicated that Seagate's Seatools can be used overwrite a drive with zeros.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Le cours "Comprehensive Packet Analysis"  sera disponible en français à Québec le 5 nov 2010

FOR 558: Network Forensics coming to Toronto, ON in Nov 2010

9 comment(s)
Diary Archives