Difference between revisions of "Securely wipe disk"
(→Example run times: Organize sections, split manufacture/model column)
m (Filam moved page Securely Wipe HDD to Securely wipe disk: HDD too specific, correct capitalization)
Revision as of 14:17, 3 July 2012
There are a variety of applications that securely wipe a disk like and . dcfldd is an enhanced version of dd with features useful for forensics and security. It accepts most of dd's parameters and includes status output. Install from the official repositories.
Select a target
Use fdisk to locate all read/write devices. This will include USB drives if the user can access the devices. List the partition tables:
# fdisk -l
Check the output for lines that start with devices such as /dev/hda. For example:
Disk /dev/sdc: 4063 MB, 4063232000 bytes
125 heads, 62 sectors/track, 1024 cylinders
Units = cylinders of 7750 * 512 = 3968000 bytes
Disk identifier: 0x00000000
In the preceding example the USB thumb drive is listed as
Overwrite the disk
Zero-fill the disk by writing a zero byte to every addressable location on the disk using the /dev/zero stream. Make certain that the of=... argument points to the target drive and not to a system disk! Make sure to specify a block size (i.e. bs=xx); omitting this switch affects the speed of the overall process.
# dcfldd if=/dev/zero of=/dev/sdX bs=4M
or overwrite with random data using the /dev/urandom stream:
# dcfldd if=/dev/urandom of=/dev/sdX bs=4M
The process is finished when dcfldd reports "No space left on device". For example:
18944 blocks (75776Mb) written.dcfldd:: No space left on device
Repeating this process may not significantly decrease the ability to reconstruct the data (see: Secure deletion: a single overwrite will do it).
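The following shell functions are an added example, not part of the original wiki page: they check a target before of= is pointed at it and confirm afterwards that a zero-fill reached every byte. The function names and the optional mounts-file argument (defaulting to /proc/mounts) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-flight and post-wipe checks around a zero-fill.
# Limit: only direct mounts listed in the mounts file are seen; swap
# (/proc/swaps) and device-mapper volumes on the disk are not detected.

# target_in_use DEV [MOUNTS_FILE]
# Returns 0 if DEV or one of its partitions (sdc1, nvme0n1p1, ...) is mounted.
target_in_use() {
    awk -v d="$1" '
        $1 == d { hit = 1 }
        index($1, d) == 1 && substr($1, length(d) + 1) ~ /^p?[0-9]+$/ { hit = 1 }
        END { exit !hit }
    ' "${2:-/proc/mounts}"
}

# safe_to_wipe DEV [MOUNTS_FILE]
# Returns 0 only if DEV is a block device with nothing mounted from it.
safe_to_wipe() {
    if [ ! -b "$1" ]; then
        echo "refusing: $1 is not a block device" >&2
        return 1
    fi
    if target_in_use "$1" "${2:-/proc/mounts}"; then
        echo "refusing: $1 or one of its partitions is mounted" >&2
        return 1
    fi
    return 0
}

# is_zero_filled PATH
# Returns 0 if every byte read from PATH is 0x00. Only meaningful after a
# /dev/zero pass, not after a /dev/urandom pass.
is_zero_filled() {
    # tr drops NUL bytes; any byte that survives means the wipe is incomplete.
    left=$(tr -d '\000' < "$1" | head -c 1 | wc -c)
    [ "$left" -eq 0 ]
}

# Typical sequence, run as root with the real device name:
#   safe_to_wipe /dev/sdX && dcfldd if=/dev/zero of=/dev/sdX bs=4M
#   is_zero_filled /dev/sdX && echo "verified: all zero"
```
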
Example run times
The community is encouraged to populate the table in this section.
Get the model with hdparm:
# hdparm -i /dev/sdX | grep Model
Check progress of dcfldd
Time the run clearing the disk:
# time dcfldd if=/dev/zero of=/dev/sdX bs=4M
18944 blocks (75776Mb) written.dcfldd:: No space left of device
real 16m17.033s
user 0m0.377s
sys 0m51.160s
Calculate MB/s by dividing the amount written, as reported by dcfldd, by the elapsed time in seconds. For example: 75776Mb / (16.4 min * 60) = 77.0 MB/s.
Check progress of dd
By default, dd produces no output until the task has finished. To force a progress report, open a second root terminal and issue one of the following commands:
# kill -USR1 <PID_OF_dd_COMMAND>
# kill -USR1 $(pidof dd)
This causes the terminal in which dd is running to output the progress at the time the command was run. For example:
605+0 records in
605+0 records out
634388480 bytes (634 MB) copied, 8.17097 s, 77.6 MB/s
|Manufacturer||Model||HDD Speed (RPM)||Interface||Capacity (GB)||Time (Hrs)||Throughput (MB/s)|