[clug] Wiping a (running) system...
jeff
jeffm at ghostgun.com
Mon Jul 26 21:09:08 MDT 2010
On 27/07/10 12:56 PM, Andrew Janke wrote:
> We've had plenty of talk about how to wipe a disk but I am in the
> situation where I want/need to wipe a remote system as much as
> possible. I can't really get physical access to the system but can
> SSH to it now. I can remove all the data from the data partitions no
> sweat but the root disk is more interesting...
>
> Is there some way to loading a currently running system into a ram
> disk or something and then wiping the disk from there?
>
Did something similar to this went a friend left a company he worked for
and they wouldn't give him access to his own machine (there was nothing
belonging to the company in question on it). Roughly, shutdown any
daemons or other processes other than those that are strickly needed.
Then run wipe or another secure deletion program. Failing that you could
try:
for i in 1 2 3; do
dd if=/dev/zero of=/dev/sda # assuming sda is the device in
question
done
Either way the system will be left in an unusable state and it would be
hard to guarantee how secure the wipe would be.
The other thought I just had would be to put a minimal system on a RAM
disk and chroot to that before starting. The thing that could bit you
here is the kernel trying to access a file from the disk you attempting
to wipe.
Jeff.
More information about the linux
mailing list