Nuke a hard drive with DBAN
No!, we are not going to blow up a hard drive, but instead render any data in it un-recoverable by using a free and open source utility called DBAN. DBAN is both trusted by government agencies and easy to use. DBAN can boot from a floppy disk, CD, DVD, or USB flash drive.
Formatting a hard drive is not the same as using DBAN, formated data can still be recovered with minimal effort. Please make sure you are using DBAN on the intended hard drive, you cannot reverse the process.
DBAN supports multiple ways of erasing data from a hard drive ranging from quick to paranoid. Paranoid wipes will take a long time to complete. Let’s look at some of the methods offered by DBAN to erase data.
- Quick Erase
Writes the hard drive with zeroes in one pass* RCMP TSSIT OPS-II
Total of eight(wipe) passes using a random byte, overwrite sequence changed every time* DoD Short
DoD 5220.22-M recommends a total of seven passes, instead DoD Short does 3 of the seven passes which results in quicker results* DoD 5220.22-M
It follows the standard by completing the seven required passes* Gutmann Wipe
35 passes across the hard drive, named after security expert Peter Gutmann’s who is also responsible for the same* PRNG
Uses the PRNG algorithm which is a sequence of numbers that approximates the properties of random numbers. You have options when it comes to how many passes PRNG will do.
For the sake of security I went with DoD Short, since its fast and safe from common recovery tools. By fast I mean, it wont take 6 hours to complete.
Prior to using DBAN
The process is straight forward and easy to understand.
- First you need to download the ISO, which then needs to be burned into a CD/DVD.
- In order to boot from the CD/DVD, you need to set the BIOS to boot from CD/DVD.
How-To
For this How-To I will be using DoD Short since it’s safe and quick on one hard drive. Three passes instead of seven will result in quicker results and no possibility of recovery using conventional tools.
- Insert the CD/DVD and boot from it. Let the live CD start by it self. Once DBAN starts you will be presented with the following options.
- To automatically start DBAN type autonuke, what autonuke does is automatically use DoD Short to erase the contents of the hard drive.
- As you can seen in this screen DBAN is informing you of the progress being made.
- After the three passes are done you will be presented with the following DBAN succeeded. Now you can take the media out of the CD/DVD drive and reboot if you wish.
dban, security — Jul 31, 2009