Full Version: Decommissioning a Server, what happens to the drives?
Scott MacVicar
We've migrated our 2 aging servers to a new 5 server cluster, we've backed up all of the data needed. I've now looked into securely removing this valuable data.

I remounted the ext3 partition in ordered data mode and progressed to use the shred binary to clear the important things such as database files and backups though there is a good chance I've missed something.

What will The Planet do with our server / drives once we officially decommission them? Will they perform a low level format on the disk prior to giving it out to a new customer or are the disks destroyed?

We have sensitive customer records, intellectual property and other things that we'd rather not fall into the wrong hands.

===
Secure Deletion
For those wanting to do secure deletes on their boxes this is how.

First, if you use ext3 you need to make sure it's not using journaled mode for writing data, else the secure delete won't work correctly. This is done by default in later releases but you can check by running:

CODE
dmesg | grep -i ordered


You should see
EXT3-fs: mounted filesystem with ordered data mode.

If need be, run mount and check you are using ext3. If you need to change to run in ordered mode you can edit /etc/fstab. The ,data=ordered is what was added.

CODE
/dev/hda1      /          ext3            defaults,data=ordered  1   1


You'll need to remount the disk, I couldn't remount ours because it was being used so had to reboot the server.

Now you can use shred, though it only works on files and it follows symlinks so beware.

To recursively delete all files in the current directory:
CODE
find . -type f -exec shred -u {} \;


To delete all files matching a pattern recursively in the current directory, in this example *.tar.gz:
CODE
find . -name '*.tar.gz' -type f -exec shred -u {} \;


Or just for a single file then
CODE
shred -u <filename>


shred is included with RHEL by default.

This will take some time since it performs 25 passes over the file before deleting it and is especially slower on small files.
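
The procedure in the post above (check the ext3 data mode, then shred the regular files under a directory), written as an added shell example that is not part of the original post. The function names, the default of 3 passes and the optional mounts-table argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Print "fstype options" for the longest mount point containing path $1.
# $2 is a table in /proc/mounts format (default: /proc/mounts itself).
mount_opts_for() {
    awk -v p="$1" '
        { m = $2; pre = (m == "/" ? "/" : m "/") }
        index(p "/", pre) == 1 && length(m) >= best {
            best = length(m); opts = $3 " " $4
        }
        END { print opts }' "${2:-/proc/mounts}"
}

# Return 0 only when the filesystem holding $1 is ext3/ext4 mounted with
# data=journal, where file data is also written through the journal.
is_data_journaled() {
    case "$(mount_opts_for "$1" "$2")" in
        ext[34]\ *data=journal*) return 0 ;;
        *) return 1 ;;
    esac
}

# Shred every regular file under directory $1 with $2 passes.
# find -type f never hands a symlink to shred, -xdev keeps the walk on
# one filesystem, and "{} +" passes odd file names (spaces) intact.
shred_tree() {
    dir=$1
    passes=${2:-3}               # assumption: the pass count is the caller's choice
    mounts=${3:-/proc/mounts}
    abs=$(cd "$dir" && pwd -P) || return 2
    if is_data_journaled "$abs" "$mounts"; then
        echo "refusing: $abs is mounted with data=journal" >&2
        return 3
    fi
    find "$abs" -xdev -type f -exec shred -u -n "$passes" -- {} +
}

# Usage (destructive): shred_tree /path/to/old/backups 1
```

The refusal path exits before any file is touched, so the mount can be corrected to data=ordered first.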
nForcer
25 passes?

DoD standard is only 9 and will take FAR less time to perform. Cutman levels allow you to go upwards of 37 overwrites but there isn't any software available to anyone that can recover past 9-11 overwrites.

Don't waste the time with 25 rewrites, 9 is good enough, and I've TRIED recovering data beyond that point.......outside of any DoD tools to perform such a recovery.....the data is done and gone.
TheUniverses
Gutman?

I would wipe at least 9 passes, since it's still fairly easy for people with the right tools to recover data at that point.
Matt2k
I'm pretty sure that no one who's renting a server after you is going to be able to physically remove the drives and hook them up to some theoretical low level magnetic analyzer (And I don't believe these even exist in real life, only Internets folklore). A single pass to randomize the data is sufficient.

Good lord nforcer, you're quite the hax0r and 9 passes was beyond even you? What, your classified CIA equipment hookups didn't pan out? :)

> I would wipe at least 9 passes, since it's still fairly easy for people with the right tools to recover data at that point.

Do you guys know something about STM microscopy that I don't? Fairly easy how? I don't know of anyone that's done it after even a single pass.
nForcer
I'm saying 9 passes is DoD standard - and many commercially available tools are not good enough to recover past 5 so anything over and beyond is just a waste of time.

My father works for the DoD which is the only reason I'm more aware of their data-erasing standards but I don't have Secret Clearance of my own (nor do I want one!) but I am aware of what tools/methods they use to recover data should it be necessary.

Before I sell off hard drive of my own, or change servers, etc - I do a 5-pass erase which usually takes a day or two depending on the size of the drive, and I'm satisfied knowing only about 1% of computer users out there will ever be able to recover the data - even still - if they did recover the information, .....they can get their own porn!!!
Scott MacVicar
This is all hypothetical but I'd rather make sure it's done properly now than risk any data finding its way into someone else's hands.

Does no one have an idea what The Planet's policy is on hardware once it's decommissioned?

25 is the default that shred uses, so I'm happy to use that. I also used scrub to clear the free space that took a few hours.
klaude
When a server is recycled its drives aren't low level formatted, but high level formatted. I've not used shred before. I'll have to check that out. :)
Scott MacVicar
In that case I'll remove what I can and then use scrub to do the rest.

Scrub has an option to create a file that consumes all free space on the machine and it then runs a pattern over that giant file which it then removes.

Else I might ask to get a Knoppix Live CD placed into the machine so I can properly wipe the drive myself. Depends what my colleagues at work think.