Last Updated: 2008-10-31 02:04:14 UTC
by Johannes Ullrich (Version: 1)
The last couple days we talked about getting rid of rootkits, spyware, bots and such. One common suggestion was to "wipe and rebuild". There are other reasons to wipe disks: Are you donating an old computer to charity? Better get rid of that data first! What are your procedures and tricks to quickly and securely erase data. With > 1TB disks on the horizon, the time it takes to erase a disk with "Boot and Nuke" is getting longer and longer.
- multiple overwrites? myth or necessity
- physical destruction? shredding? demagnetizing? sledge hammer?
- drive firmware: how do you validate it after a compromise?
- USB disks, SIM cards and other "exotic" media.
- what distance do you keep to the disk on the range to avoid lead backsplatter? ;-)
Johannes B. Ullrich, Ph.D.
SANS Technology Institute