I guess in the back of my subconscious, this and yesterday’s post regarding secure wiping could be related to the new year…you know…start things off with a clean-slate?
Yesterday’s post focused on free tools and utilities for secure-wiping (pretty-much) files and folders from a Windows system.
In a much older GSD post I had touched on total-drive secure wiping options.
Since a lot of time has slid by since that 2007 post, I figured I revisit it and see if it needed some updating. So below you will find a list of tools that address secure wiping of an entire hard-drive.
In the previous post, I already covered by top-two tools for secure-wiping a HDD:
When it comes to secure drive (whole-disk) wiping, I’ve still tended to rely on two tools in particular for their ease-of-use and convenience.
The first is Microsoft Windows DISKPART command “Clean all” which “specifies that each and every sector on the disk is zeroed, which completely deletes all data contained on the disk.”
The pro is that the command is very simple to remember and use, and when coupled with a WinPE disk, is dead-simple to effectively wipe out most all drives I encounter.
The second one I love is the CLI tool “wipe.exe” as found in the Forensic Acquisition Utilities set by George M. Garner.
The pro about this one is that it actually includes a progress indicator so you have some degree of feedback on how far you’ve wiped.
I always verify my zero-out wipes when done. For that I prefer to use the sector-viewer tool HxD to scan through the post-wiped drive to ensure it all come up clean; Frhed - Free hex editor is another nice alternative.
I keep a custom WinPE 3.0 USB stick always handy to off-line boot a target system. By nature, DISKPART and it’s “Clean all” power is baked in. I’ve also loaded it with the forensic Acquisition Utilities tool set so those are also at hand for a quick “wipe \\.\PhysicalDrive0 -p 1 -w 00” command if I prefer the progress meter.
However, there are a number of additional tools, some more “GUI” than others that bring more to the party in terms of wipe-patterns and passes…if that’s your thing.
So here are the rest I’ve found. Use may be licensed for personal only or may also allow for organizational use. So read the fine print carefully to stay honest.
Darik's Boot And Nuke | Hard Drive Disk Wipe and Data Clearing - (aka DBAN) allows for creation of a boot floppy or boot CD. It supports SCSI, IDE, PATA, and SATA disks and should be able to wipe just about any file-system from a drive. You can use one of five preset wipe formats or set custom wipe patterns. If you prefer you can try the method to Create a DBAN USB Flash Drive from Windows over at USB Pen Drive Linux. Other related links (with more screenshots) are Create a Bootable DBAN USB Pen Drive at TrishTech and How to make a bootable dban USB thumbdrive to wipe hard drives at Lee.org. I’ve had mixed success with making a USB version of DBAN (no issues with the CD version), generally the problem comes like others with the “autonuke” option causing a hang. Some forums suggest disabling “media card” drives in the BIOS or like things. Also, you need to be sure to pull the USB stick in the first 10 seconds of the DBAN loading done otherwise you will likely wipe your USB stick as well if left in.
PC Inspector - Emaxx - Basically you download the app and use it to create a boot disk. Then boot your target system with the boot-disk and type “emaxx -US” to get started. It isn’t elegant but it can do the job.
Terabyte Unlimited - CopyWipe - This tool can be used to boot a system and perform a secure wipe (and it can also do disk-imaging as well). Download the zip file and unpack. You can then run the makedisk.exe file to create a boot floppy or boot CD ISO file. Burn it to disk and you are good to go. This application provides support for accessing the connected drive via (through) the BIOS, via the BIOS (directly), via USB2 connections, and for IEEE1394 devices. You then have an amazing nine (9) wipe options to pick from. From a quick 1-pass wipe, up to a 35-pass wipe. Also included is a hardware-based wipe method for drives that support this built-in drive-wipe feature.
Erase hard drive by Active@ KillDisk - This tool comes in both a “limited” free version as well as a “professional” version. The biggest limitation to me in the free version is that it only supports a one-pass zero out of the drive. That’s enough for me! In addition, the free version doesn’t appear to easily allow use as a off-line boot/wipe solution. Rather you would have to install the software on your main system, then attach the target drive to be wiped via USB or a free PATA/SATA connection and wipe accordingly. Not a big deal for advanced users, but might be a bit scary to less sophisticated users who could fear accidently wiping their primary system disk. Fear not. If you carefully read page 10 of the included PDF manual file, there is a link to a zip file that contains a pre-built ISO boot image for free users.
If you are an advanced user and know how to build your own Windows/WinPE boot media disks, you might want to take a look at the Center for Magnetic Recording Research (CMRR)'s Secure Erase (aka HDDErase). You will have to create a boot-disk yourself then add the program file to it, or else download the Ultimate Boot CD ISO file and burn it to disk as it contains this utility (and tons of other clever things as well). One thing going for Secure Erase is that it also supports "enhanced secure erase" modes on supported drives. This works to effectively render the data on a drive inaccessible in seconds by changing the in-drive encryption key. Even though the data is still on the drive, it cannot be read/accessed as the key that interprets that data from the drive has be irrevocably changed.
Ultimate Boot CD is an amazing bit of work. It doesn’t matter if you are an advanced sysadmin or a general PC user, this “all-in-one” project has a great collection of nine hard disk wiping tools. Scroll down the main page a bit to find the list.
SeaTools | Seagate - Poke around a while and you can find the SeaTools version for your supported drive. It contains a basic drive-sanitation tool.
These additional tools are “standalone” of sorts. They may or may not work within a WinPE boot environment. However, they all should work if you choose to attach your target HDD to be wiped to your main system via a USB-HDD adapter.
Roadkil's Disk Wipe Program - standalone tool to point, set, and wipe a drive. Works for USB/Flash drives as well.
DeviceEraser - standalone tool. Wipes both PATA/SATA drives as well as USB storage media.
DP Shredder 1.5 - Dirk Paehl tool to pick a drive, pick your passes, pick your pattern and wipe away.
WipeDisk - at Gaijin. This tool also will wipe physical and logical disks using any of 14 different wipe patterns.
HDDGURU: HDD Wipe Tool - Supports SATA,IDE, SCSI, USB, and Firewire interfaces. can also erase most Flash drive media.
Miray Software - HDShredder - The free version is very limited but can do the job. The free version contains both an ISO, IMG file to make a self-booting version or you can run directly in a Windows environment. The zip file contains a great PDF manual well worth reading if you decide to use this tool.
USB Flash Tools by Sarah Dean has the features to secure-wipe flash memory cards as well as USB flash drives.
Disk Wipe is a newer tool under GNU-GPL free for all. It has a great GUI, built-in sector viewer, and supports several different wipe patterns for addressing USB sticks, SD cards and other portable memory devices. This was a new discovery I found while working on this post so I’ve not field-tested it yet. Check out both the Disk Wipe User Guide and Screenshots here.
Finally, TinyApps.org bloggist left a tip to a related post there on his blog: ATA Secure Erase (SE) and hdparm that bears some checking out.
For the pros, I’ve clearly left out all those leet Linux “live” CD/DVD distros that can off-line boot a system and then secure wipe the drive using any of many tools available under the *nix OS. I figure if you already know about them, then you probably won’t be needing a recap of them here in this more “Windows-centric” tool post. However, if you have made it this far and have a specific distro/tool that you would like to share with us for secure wiping, please drop a line in the comments. For example, this Disk Wiping with dcfldd at the Anti-Forensics blog post uses a Debian build.
Cheers.
Claus V.
No comments:
Post a Comment