Re: Selective Security Wipe


"mwheat" <mwheat28@xxxxxxxxxxxxxxxxxx> wrote in message
news:OKA1jUDyHHA.4800@xxxxxxxxxxxxxxxxxxxxxxx
Thank you Steve for your response. The DOD standard is at the client's
request. I looked at the Cipher utility with the /W switch, but wasn't
sure if it would traverse sectors/folders on the drive and meet their
requirements.

It is my impression that it has nothing to do with the folder structure, but
simply writes to all unallocated clusters on a volume, which seems to be
what sdelete does.

The proof would appear to be in the pudding. We have a test machine running
a variety of forensic tools designed to find data stored on disks, whether
within the storage allocated as files or within the available free space.
When we have the time we will try these out on disks we have wiped with
sdelete and cipher to see if we can find a unique string stored in a file
deleted before wiping it. If anyone out there has already done something
like this, I would be very interested in hearing of your experiences.


/Al

I've also been looking at Microsoft's SDelete utility using the -p 3 -s -z
switches which should make 3 passes, recurse subdirectories and cleanse
free space. We'll be testing on a lab system to see which utility can
perform faster on a multi-disk array.

I apprecite your input and will revisit using the Cipher utility in our
tests.
Have a great week Steve!
Mark


"Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx> wrote in message
news:8FBF79B3-5C9A-47F5-BD9E-DA3CCD06455C@xxxxxxxxxxxxxxxx
Do you really need DOD-level standards? You might consider the CIPHER
utility already included in Windows. CIPHER /W wipes erased space with
three passes: 00, FF, <random byte>. This is probably sufficient. I
haven't compared the speed of CIPHER to any third-party utilities,
however.

Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley


"mark" <mwheat28@xxxxxxxxxxxxxxxxxx> wrote in message
news:O93NPBcwHHA.4640@xxxxxxxxxxxxxxxxxxxxxxx
Wondering if anyone has a suggestion for how to perform selective
deletion
of data from multiple servers and volumes, that will meet DOD erasure
standards when completed?

One of our clients is not using our services any longer and has
requested
all data pertaining to their business, be deleted from any and all
servers.
Obviously backups will need to be addressed, but there are over 40
servers
with multiple volumes and MS SQL Server.

I have found a few utilities that appear to do this (like DODlete) but
time
and efficiency are a key component.

Any advice would be appreciated.

Thanks,
mwheat






.

Relevant Pages

  • Re: Selective Security Wipe
    ... Do you really need DOD-level standards? ... CIPHER /W wipes erased space with three passes: ... of data from multiple servers and volumes, ... all data pertaining to their business, be deleted from any and all servers. ...
    (microsoft.public.windows.server.security)
  • Re: cipher /w:C:
    ... > parameters for the Cipher command has been listed.Scroll down the table ... > If you open the command prompt window and put the above command what does ... The second link has nothing that applies to the OP. ... >> first link tells the syntax of the /w switch but nothing that answers the ...
    (microsoft.public.windowsxp.general)