Main Area and Open Discussion > Living Room
Interesting Discovery Involving Rented Servers
mediaguycouk:
The thought of a windows command that could format windows from inside windows. Can you imagine the support calls?
Gothi[c]:
The thought of a windows command that could format windows from inside windows. Can you imagine the support calls?
-mediaguycouk (May 01, 2009, 03:52 AM)
--- End quote ---
Unfortunately it seems it can only overwrite unused data, so you wouldn't be able to erase windows while running it. (So you probably leave a lot of registry data behind etc)
I'd be interesting if someone were to find a tool to wipe the entire OS. as you're running it, remotely, just like you can on *nix.
So far it looks like a boot disk (eg dban) is the best solution, but usually (but not always) that requires physical access. Softlayer for example, lets you mount remote media, so it would be possible to pull it off there, but I don't think many other hosts offer that feature, and often the budget limits the choices you have.
y0himba:
As for Windows, I use Eraser when working in Windows. When I sell a computer or HDD, I use DBAN(Darik's Boot And Nuke). Just boot form the CD/DVD/Floppy/USB stick, choose your options, and wait for a while. (Sometimes over 8 hours depending on HDD size). Securely and completely erases and obfuscates data preventing recovery.
40hz:
Windows XP includes a command that will do what you want, (also available to Win2000):
cipher
Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. An updated version of the Cipher tool has been released for Windows 2000, and is included with Windows XP. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed.
--- End quote ---
eg. cipher /w:C:\ should wipe all unused space on the C: drive.
Otherwise there's always DBAN.
-4wd (May 01, 2009, 02:30 AM)
--- End quote ---
The only problem with the Cipher command is that it uses three write passes and can't be changed. We used to use Cipher until drive capacities go too big for it to be practical for us. That's when we switched over to using Eraser, which does allow for a single pass.
From what I've been reading, the consensus among most security experts is that a single-pass overwrite is every bit as effective as a multipass wipe. Or at least it is with today's forensic recovery software.
f0dder:
I guess this is one of the things that are so obvious you forget to thing about :)
Personally, I wouldn't bother with anything but a simple single-pass wipe, which is good enough to prevent any software based recovery attempt. I don't know which hardware reconstruction attempts are possible (I suspect there's a lot of urban legend, based on the older MFM drives and whatnot), but I'm doubt anybody would go through the trouble of doing magnetic residue analysis or whatever on anything I do :)
As for wiping a Windows system if you don't have a "fancy host", I guess the solution would be overwriting the MBR with a disk-wipe tool... should definitely be doable, but I don't know any that supports this off-the-shelf.
The above assumes dedicated servers, btw. I guess you're SOL if you use a shared server without "root" access, and virtualized servers could be a problem as well.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version