Cancellazione sicura del disco con secure-delete

Questa è roba per i maniaci della sicurezza.

Secure-delete è un pacchetto disponibile per squeeze, wheezy e sid .

La cancellazione sicura non è sempre facile, in questo secure-delete ci viene incontro con diversi strumenti :

sfill , sdmem , srm e sswap.

  • sfill – secure free disk and inode space wiper (secure_deletion toolkit)
  • sdmem – secure memory wiper (secure_deletion toolkit)
  • srm – secure remove (secure_deletion toolkit)
  • sswap – secure swap wiper (secure_deletion toolkit)

I test del MM-Team per ora si sono fermati a sfill , e a parte i tempi che si possono dilatare in base ai GB da riempire , si è dimostrato un’ ottimo strumento.

Se usate sfill in tutta la sua potenza avrete 38 riscritture da compiere , pertanto preparatevi a ore di attesa.

L ‘ installazione è molto semplice :

#aptitude install secure-delete

a questo punto é possibile eseguire il comando su una qualsiasi partizione montata , possiamo sapere quali  :

# mount | grep /dev
udev on /dev type devtmpfs
devpts on /dev/pts type devpts 
/dev/disk/by-uuid/9333kbd7-bf9d-43bb-8960-0e3336bK8716 on / type ext4
/dev/sda2 on /home type ext4 
/dev/sdc1 on /media/System_Reserved type fuseblk
/dev/sda7 on /media/archivio type xfs 
/dev/sdb1 on /media/backup type ext4
/dev/sda6 on /media/data type ext4
/dev/sdc3 on /media/wdata type fuseblk

Ad esempio per una pulizia sulla nostra /home (attenzione il comando necessita dei privilegi di root)

#sfill /home

More option in :

$man sfill
NAME
       sfill - secure free disk and inode space wiper (secure_deletion toolkit)

SYNOPSIS
       sfill [-f] [-i] [-I] [-l] [-l] [-v] [-z] directory/mountpoint

DESCRIPTION
       sfill  is  designed to delete data which lies on available diskspace on mediums in 
a secure manner which can not be recovered by thiefs, law enforcement or other threats.
       The wipe algorythm is based on the paper "Secure Deletion of Data from Magnetic 
and Solid-State Memory" presented at the 6th Usenix Security Symposium by  Peter  Gutmann,
       one of the leading civilian cryptographers.

       The secure data deletion process of sfill goes like this:

       *      1 pass with 0xff

       *      5 random passes. /dev/urandom is used for a secure RNG if available.

       *      27 passes with special values defined by Peter Gutmann.

       *      5 random passes. /dev/urandom is used for a secure RNG if available.

       afterwards  as  many  temporary  files as possible are generated to wipe the free 
inode space. After no more temporary files can be created, they are removed and sfill is
       finnished.

COMMANDLINE OPTIONS
       -f     fast (and insecure mode): no /dev/urandom, no synchronize mode.

       -i     wipe only free inode space, not free disk space

       -I     wipe only free disk space, not free inode space

       -l     lessens the security. Only two passes are written: one mode with 0xff 
and a final mode with random values.

       -l     -l for a second time lessons the security even more: only one 
random pass is written.

       -v     verbose mode

       -z     wipes the last write with zeros instead of random data

       directory/mountpoint this is the location of the file created in your filesystem.
 It should lie on the partition you want to write.

LIMITATIONS
       FILESYSTEM INTELLIGENCE
              Most filesystems (ext2, ffs, etc.) have several features included 
to enhance performance, which will result in that sfill might  not  receive  all  
available  free space. Sad but true. Nothing can be done about that ...

       NFS    Beware of NFS. You can't ensure you really completely wiped your 
data from the remote disks. (especially because of caching)

       Raid   Raid Systems use stripped disks and have got large caches. 
It's hard to wipe them.

       swap   Some of your data might have a copy in your swapspace.
  sswap is available for this task.
LIMITATIONS
       FILESYSTEM INTELLIGENCE
              Most filesystems (ext2, ffs, etc.) have several features included
to enhance performance, which will result in that sfill might  not  receive  all  available  free space. Sad but true. Nothing can be done about that ...

       NFS    Beware of NFS. You can't ensure you really completely wiped your 
data from the remote disks. (especially because of caching) 
       Raid   Raid Systems use stripped disks and have got large caches.
It's hard to wipe them.

       swap   Some of your data might have a copy in your swapspace.
sswap is available for this task. 
BUGS        No bugs. There was never a bug in the secure_deletion package
(in contrast to my other tools, whew, good luck ;-) Send me any that you find.  Patches are nice too :) 
AUTHOR        van Hauser / THC <vh@thc.org>

E poi quando leggi che non esistono bug conosciuti ed è sicuro , ti vien voglia di far rullare gli HD e scaldare un pò le testine.

 

be happy und secure 😉 with your debian

2 risposte a “Cancellazione sicura del disco con secure-delete”

  1. Ciao!

    E perchè non usare il buon vecchio shred?

    Inoltre mi sembra plausibile che con i dischi attuali sia più che sufficiente una sola riscrittura, senza dover frullare l’HD per ore.

  2. Gli strumenti sono tanti, tra questi va ricordato anche wipe.

    Ho provato secure-delete solo per dei test.

    Riguardo il frullato di HD hai perfettametne ragione, una partizione da 30 GB su un HD sata (I) ha impiegato 7 ore usando l’ opzione -l che esegue solo 2 scritture.

    queste cose sono davvero per maniaci ! 😉

Rispondi