Murky@cup.portal.com (12/20/89)
I need to bring a fileserver which has classified info on it out of the secure area. In order to do this, the disk must be scrubbed of all data according to DoD guidelines. I know Sun sells software to do this but management is balking at paying the $1000 Sun wants for the capability which will only be used once. I am looking for alternative ways (read cheaper) of doing this. Any pointers to PD software or possibly manual procedures which can do the trick? Murky@cup.portal.com
wyle@relay.eu.net (Mitchell Wyle) (12/20/89)
In article <3846@brazos.Rice.edu> Murky@cup.portal.com writes: >X-Sun-Spots-Digest: Volume 8, Issue 219, message 5 of 8 > >I need to bring a fileserver which has classified info on it out of the >secure area. In order to do this, the disk must be scrubbed of all data >according to DoD guidelines. I know Sun sells software to do this but >management is balking at paying the $1000 Sun wants for the capability >which will only be used once. I am looking for alternative ways (read >cheaper) of doing this. Any pointers to PD software or possibly manual >procedures which can do the trick? Murky, Even if a PD system meets or exceeds the DoD spec, it won't be approved (verified). Buy the Sun software, or rent it from a 3rd party. I suspect that some old diag software which writes specific bit patterns to the disk in order to test it would meet the spec, but I wouldn't bet a security violation on it.
hart@decwrl.dec.com (Howard C. Hart) (12/23/89)
In article <3846@brazos.Rice.edu> Murky@cup.portal.com writes: >X-Sun-Spots-Digest: Volume 8, Issue 219, message 5 of 8 > >I need to bring a fileserver which has classified info on it out of the >secure area. In order to do this, the disk must be scrubbed of all data >according to DoD guidelines. I know Sun sells software to do this but This works great if you can daisy chain the disk to be wiped onto a standalone machine with its own root and swap on a local disk. ie- we used it to wipe a SCSI disk, just daisy chained it to a standalone 3/60 and scrubbed the raw partition. Security types usually like to see it wiped x times with alternating ones and zeroes, so you may want customize the buffers a little bit more to accomomodate them, or use bzero to speed up the buffer loadins. Also, I chose 8192 for BUFSIZE since that's the size of the standard Sun buffer. Disk vendors have told me as high as 16K to speed the process up. Lastly, I don't know if you can keep this resident in RAM along with a kernal image and wipe a single attached disk--Inever tried it, though it should be possible. One more thing, it may or may not write the bad partitions already labeled as such on the disk--that's up to the controller and device drivers, but then again, it is free...:-) [[Ed's Note: Placed in titan archives.]] FTP: Hostname : titan.rice.edu (128.42.1.30) Directory: sun-source Filename : scrub.c Archive Server Address: archive-server@rice.edu Archive Server Command: send sun-source scrub.c