Wiping files securely

October 5, 2010, by | Start Discussion

Introduction
This issue "Command Line Gyan" is not directly related to Fake AntiVirus but still we have something interesting for you

The idea this time is to delete a file and make sure it’s not recoverable (easily). We all know kind of deletion is called as wiping the file. We also know that there are a bunch of freeware & commercial tool to do so, but the idea is to achieve this from built-in commands/utils in a system. Remember you might get stuck on a machine where you don’t have your favorite tool and might not be connected to internet to download the same.

So let’s see how we can achieve the same from built in commands/utilities in both Windows & Linux environment.

Windows
What we have to start is by first deleting the file and then overwriting the area again and again to make it unrecoverable

To achieve the same, in windows you’ll find a command called “cipher”.

C:> cipher /w:c:windows

This command will cause overwrite on ALL unallocated space (available unused space only) within the volume which holds the folder c:windows.
The directory specified can be anywhere in a local volume. If it is a mount point or points to a directory in another volume, the data on that volume will be removed.

Don’t worry, this wont delete c:windows or even any content inside.

Pretty neat, loved it. But the only problem here is this command will cause overwriting of the space only thrice. First time by all zero’s, second time by all one’s and the third time by random numbers.

Ok, I got your concern & even I have read that you should overwrite a space atleast 25 times to make the data unrecoverable. So let’s see how we can exploit this to achieve that.

3 * 8 = 24
3 * 9 = 27

I think even if we repeat this whole operation 8 times, it will suffice. You can choose 10 or 12 iterations also but remember the time taken is directly proportionate to size of volume & free unallocated area.

So for the sake of our example, we’ll do it 8 times.

C:> for /L %i in (1,1,8) do @cipher /w:c:windows

I remember those college days when we used loops to make life easier. IN this example we’ll run the same process of cipher in 8 loops making it 24 iterations in total. Now I’m sure you’ll be happy that data has been wiped properly.

Remember I have cautioned you. The time taken is directly proportionate to size of volume & free unallocated area.

Linux
I loved it this time cause windows method wasn’t that difficult. But Linux is always easy.

The command here is “shred” which is there in most of the distros. In case of shred you won’t have to delete the file first & then overwrite, this itself will take care of all

# shred -n 3 -z -u myfile

Ok, very obvious from the command itself that n -3 means 3 iterations which can be changed to 25 as per above scenario. -z specifies that zero’s are to be overwritten in final iteration so that it looks like blank & -u to remove the file.

Pro – I don’t need to do it on the whole volume, just the file

Con – This command is for file, what about the whole disk

Con! Did I hear a “con” in Linux environment?? No way. Here’s the solution

# shred -n 3 -z /dev/sdc

If you notice we haven’t specified –u here, so it won’t delete the file pointer itself from the system.

What if the shred itself is not installed, now in such case, please it 🙂
 

Rohit Srivastwa

[email protected]

bio data - Rohit Srivastwa

Leave a Reply