Doug Vitale Tech Blog

Darik’s Boot and Nuke

A situation may arise when you want to completely wipe the data from a hard drive. You may be selling or giving someone your old drive, or perhaps you just want to dispose of one in the trash. Other times your Windows installation could be crawling with malware and you want to completely erase it. Maybe you suspect your drive will soon be forcibly confiscated. In these cases you should obviously be concerned about other individuals accessing your files, even the files that you have “deleted”. For times likes these, Ben Rothke makes the case for secure data destruction in his article ‘Why Information Must Be Destroyed’.

Destroyed hard drive

When you want to achieve total data destruction on a drive, a tool like Darik’s Boot and Nuke (DBAN) can save the day. Even though physical destruction is the safest bet, utilities like DBAN are the next best choice. According to Wikipedia, DBAN “is designed to securely erase a hard disk until data is permanently removed and no longer recoverable, which is achieved by overwriting the data with pseudorandom numbers generated by Mersenne twister or ISAAC”.

Version 2.2.8 was released in November 2013. DBAN software is available from SourceForge.

DBAN is distributed as an .iso that must be burned to a disc such as a CD or DVD (or you could launch it from a USB flash drive). Afterward you boot to the DBAN disc by pressing the appropriate key (usually one of the ‘F-’ keys on the top of the keyboard) and selecting the drive you want to zap.

Screenshots of DBAN in action are available on the project’s main Sourceforge page, so I will not reproduce any here. However, explanations of the various “nukes” or wipe methods that DBAN offers are provided below.

  • Quick Erase – “zeroizes” the hard drive (the disk gets filled with zeroes).
  • RCMP TSSIT OPS-11 – makes eight disk passes with a random byte changed with each overwrite sequence. Be aware that RCMP TSSIT OPS-II is no longer the Canadian government’s data sanitization standard, having been replaced by CSEC ITSG-06. Official Canadian specifications for CSEC ITSG-06 and their data erase standards are available here.
  • DoD Short – makes three of the seven passes specified by DoD 5220-22.M, aka NISP Operating Manual (NISPOM).
  • DoD 5220.22-M – makes all seven disk passes specified by DoD 5220-22.M using random characters and data streams.
  • Gutmann Wipe – makes twenty-seven passes in random order using specific data along with eight passes using random data (Wikipedia).
  • PRNG Stream – overwrites the disk with a Pseudo Random Number Generator (PRNG) stream.

NIST also has published its own set of data erasure standards called SP 800-88 (432 KB PDF, Sep. 2006). Also see SP 800-88-Rev.1 (DRAFT Guidelines for Media Sanitization, Sep. 2012). The Australian Government Department of Defense published their data sanitization and destruction standards in the ‘Media Security’ section of their Information Security Manual.

Advisory

A National Institute of Justice (NIJ) report published in Jan 2010 discusses the results of DBAN testing performed by NIST. The report concludes that: “In all the test cases run against Darik’s Boot and Nuke (DBAN) Version 1.0.7, all visible sectors were successfully overwritten. For the test cases that used drives containing an HPA or DCO, the tool behaved as designed by the vendor and did not overwrite hidden sectors.”

Similar tools

If you are curious about other data destruction tools or if DBAN is giving you problems, have a look at Secure Erase, ATA Secure Erase (courtesy of the hdparm utility), and shred.

Questions?

If you encounter errors or other difficulty using DBAN, have a look at the DBAN FAQ, the DBAN Help page, and the DBAN support forum.

Recommended reading

If you found the content of this article helpful and want to expand your knowledge further, please consider buying a relevant book using the links below. Thanks!

Real Digital Forensics on Amazon Real Digital Forensics Digital Forensics With Open Source Tools on Amazon Digital Forensics with Open Source

Basics of Digital Forensics on Amazon Basics of Digital Forensics Windows Forensic Analysis Toolkit on Amazon Windows Forensic Analysis Toolkit

File System Forensic Analysis on Amazon File System Forensic Analysis  Digital Evidence and Computer Crime on Amazon Digital Evidence & Computer Crime

Pro Data Backup and Recovery on Amazon Pro Data Backup and Recovery  Backup & Recovery on Amazon Backup & Recovery

About these ads

Written by Doug Vitale

January 26, 2012 at 3:24 PM

%d bloggers like this: