[Dshield] [DShield] RE: Thanks Brian

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Sat Aug 13 04:38:12 GMT 2005


On Fri, 12 Aug 2005 22:17:24 CDT, Mike Wydra said:

> if for some reason I suspect I have a real nasty bug - I dump my hard-drive
> and go to the backup. Dumping my drive includes writing garbage to the entire
> drive ten times before I reformat. Want to talk about paranoid... :)

Yes, that's paranoid. And that's coming from a professional member of the
tinfoil-helmet brigade.. :)

Things to note:

1) Going to the backup only makes sense if you can convince yourself that
you have a clean backup.  If it's something that may have laid dormant for
a while before manifesting, it may not be obvious if the backups are OK.

2) 10 over-writes is *way* overkill.  The *first* actual overwrite already
reduces the disk to a state where recovery of previous data will be requiring
a clean room and cracking the case.  DoD says three passes are sufficient for
sanitizing disks that contained data up to and including Secret (although
Top Secret and higher classifications still require physical destruction for
sanitization).

3) One pass is probably reasonable.  While that's running, you should devote
some resources to figuring out how the thing got in - otherwise you're just
restoring a vulnerable system from backup, all set to get whacked again....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050813/a733ed1e/attachment.bin


More information about the list mailing list