Do you work in an environment that contains sensitive data? What do you do with your server drives when they are...
being evergreened out? Would or could someone actually use forensic techniques to pull sensitive data off the legacy hardware you sent out the door? I looked at a couple of options and found this free, flexible and powerful Darik's Boot and Nuke (DBAN).
While examining some free alternatives for securely removing data from hard disks, I ran across DBAN, a SourceForge project that is open source, and more importantly, free.
DBAN supports both IDE and SCSI drives, making it ideal to use in the data center. It is OS platform independent, capable of supporting large drives and virtually any OS loaded on those disks. This includes MS-DOS, Win 3.1, 9x, NT (all versions), Win 2k, Win XP (I have not had the opportunity to try this against Win 2k3, but can't see how it would be any different), BSD (Free, Net and Open), Linux (all flavors), BeOS and QNX.
I was also surprised at the wide selection of wipe methods available: Quick Erase, Canadian RCMP TSSIT OPS-II Standard Wipe, American DoD 5220-22.M Standard Wipe, Gutmann Wipe and PRNG Stream Wipe. Each wipe method utilizes a varied number of parameters, including the number of consecutive wipes required and the type of data pattern laid down to the disk.
You can select single volumes, single disks or multiple batches to perform bulk operations -- this is one flexible tool!
How does DBAN work? You can download either a floppy disk version or a bootable CD ISO version. I have used the CD version exclusively, but the only difference is the delivery method. Both versions boot the same code, starting a Linux kernel and starting up DBAN. You are presented with a simple text screen menu that allows you to arrow up and down to make changes to your options.
Check out DBAN on SourceForge at http://dban.sourceforge.net/. Be sure to read the associated documentation carefully, as this is a powerful and destructive tool. The current version is 1.0.3.
ABOUT THE AUTHOR: Rod Kruetzfeld is currently employed by the Calgary Board of Education as the SMS 2003 administrator for a multi-site hierarchy of over 13,000 workstations and 100,000 user accounts. Rod also started his own consulting/contracting firm, Dynamic IT Services Inc. Rod can be contacted at email@example.com.
This article first appeared in myITforum, the premier online destination for IT professionals responsible for managing their corporations' Microsoft Windows systems. The centerpiece of myITforum.com is a collection of member forums where IT professionals actively exchange technical tips, share their expertise, and download utilities that help them better manage their Windows environments, specifically Microsoft Systems Management Server (SMS). It is part of the TechTarget network of Web sites. To register for the site and sign up for the myITforum daily newsletter, click here.