Fastest tool to zero out hard drives

YeOldeStonecat

I have a rush project....client with a huge fleet of laptops is getting rid of the old approach to laptops....having them with a "portable/mobile" version of their healthcare package...the nurses VPN in from the road..and synchronize the databases.

For security purposes over the past year I've been replacing many of those laptops with new lappies with hardware encrypted drives...FDE. So far about 2/3 of them have been replaced.

However, their main application is moving more towards the terminal server approach now for the remote users. So....I'm building a terminal server, and will "wipe" the old, yet unencrypted hard drives...reload the OS..join the domain..and pretty much just set them to RDP to the terminal server from out in the field. (utilizing wireless at whichever site they're at, combined with Verizon cellular cards).

So this week and whatever days next week...have about 9 of those laptops to wipe 'n reload. But we want to remain 100% confident that these laptops are "cleansed"...I realize that blowing away the partition, doing a full format, fresh install of the OS, updates..and then a defrag...will for all intents and purposes "pretty much" guarantee that nothing can be pulled from the prior install. However....would rather go with 100% certainty...thus a full proper gov't standard wiping out of the hard drive is desired before installing Winders again.

Usually those utilities run for like...a day or three....I don't have the time for that. What ones have you guys found to do the job properly, but in relatively short time?
 
I use PDWipe for that. It's quite fast and has never taken more than a few hours to wipe anything, even those pokey laptop HDDs. Traditional HDDs complete in far less time. You just boot off a CD and let it run basically, nothing fancy.
 
Same. I think four hours for the six 5400rpm 250GB laptop drives. Just burned six copies and let them do their thing.
 
I like the shred command, which seems to be standard with most Linux distros. It will randomize or zero out depending on the arguments you give it. With verbose on it gives status so you know what's going on.

The nice thing is since it's just a command you can plug the drive into any machine that's always on, and go at it, walk away and forget about it. It can take a couple weeks to do a full military grade wipe if it's a TB drive.
 
Honestly, a simple zero-fill on today's hard drives is impossible to recover from. All the talk about recovering previously written bits and reconstructing data is referring to old old old technology. Even with those drives, it would take forever to reconstruct anything more than a few bits.

Today's drives have bits recorded so densely, and so weakly that it barely reads the data more than takes an educated guess about what's been recorded, that scanning the surface for data would yield garbage, even for unerased data.
 
Hammer+microwave

I would actually recommend the Darik's Boot and Nuke utility from the ultiboot cd.
I'm not sure it's the fastest but it works quickly imo.
The utility is a standalone, so you can just find a bootable copy on dban.org.
 
I like DBAN - it takes a few hours but I've always had the time. I'm not sure you are going to find anything that is "quick" for this type of task.

 
I second DBAN. It'll do all sorts of different wipes depending on your needs. From a simple zeroing to DoD multi-wipe.
 
Another vote for DBAN if you are leaving the drives in the machines to wipe. If you have an extra box of some sort sitting around that you can slave the drives into, it will do multiple drives at once, also. That's probably your quickest option.

I've done a couple with CCleaner lately, too. I throw the drive into a SATA hot-swap caddy in my desktop, do a quick zero-fill with WD Data Lifeguard to get rid of partition tables, then initialize the disk and create an ntfs partition. CCleaner will let you run a 1, 3, 7, or 35 pass wipe on empty space, so I run it on the newly created partition. When done, I do a quick zero-fill again to wipe out the ntfs partition, and call it clean.
 
just curious those field laptops why join to domain if they are remoting in from outside domain?

sucks that you don't get to use the FDE drives.
 
I dunno......guess not really a reason, perhaps inventory in ADUC, keeps antivirus management easy, and maybe can get fancier with group policies when I grow their domain out of SBS03 and into standard 08.

Joining the domain, those steps are just a few minutes.
Setting up new users on the laptop though, leaving them in workgroup mode, passwordless...makes for ease of nurse turnover/new staff, less to have to setup for new users..just really have to setup their remote desktop profile on the TS.
 
Yeah I dunno I usually leave field units off domain and set the av to go over wan ip, leave icon for vpn/rdp/https exchange.

Never saw the need for true road warriors, for those that come back and forth to office then domain but then gotta worry bout folder redirection.

Btw vipre looks pretty cool. Better pricing as reseller
 
Secure Erase (the same thing used to "reset" SSDs) if the drives support it. It's essentially DBAN or some other wiper, but built into the firmware of the drive. Since it's all internal to the drive, it's faster than using software to push a full drive (or 7) worth of bits onto the drive. Parted Magic's wiper supports SE, but your BIOS may try to lock it out to keep malware from irreversibly wiping your drive with a single command. I actually had to go back to an older BIOS version on the PC I use for wiping at work to get SE to work at all.
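Added example (not part of any post in this thread): on Linux, the BIOS lock-out described above normally shows up as the `frozen` security state in `hdparm -I` output, so it is worth checking before attempting an ATA Secure Erase. `/dev/sdX` and the temporary password `p` are placeholders, and `se_status` and `secure_erase` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: read `hdparm -I` output on stdin and report whether an
# ATA Secure Erase can be issued: unsupported, frozen, locked or ready.
se_status() {
    awk '
        /^Security:/       { insec = 1; next }   # start of the Security section
        insec && /^[^ \t]/ { insec = 0 }         # next top-level section ends it
        insec {
            line = $0
            gsub(/[ \t]+/, " ", line); sub(/^ /, "", line); sub(/ $/, "", line)
            # "not frozen" / "not locked" do not match these exact strings.
            if (line == "supported") sup = 1
            if (line == "frozen")    frozen = 1
            if (line == "locked")    locked = 1
        }
        END {
            if (!sup)        print "unsupported"
            else if (frozen) print "frozen"
            else if (locked) print "locked"
            else             print "ready"
        }'
}

# secure_erase DEV: erase only when the drive reports a usable state.
secure_erase() {
    dev=$1
    state=$(hdparm -I "$dev" | se_status)
    if [ "$state" != "ready" ]; then
        echo "$dev: security state is '$state', not erasing" >&2
        return 1
    fi
    # The drive accepts the erase command only after a user password is set;
    # a successful erase clears that password again.
    hdparm --user-master u --security-set-pass p "$dev" &&
    hdparm --user-master u --security-erase p "$dev"
}

# Usage (as root, placeholder device name):
#   secure_erase /dev/sdX
```

The line after `supported: enhanced erase` in real `hdparm -I` output gives the drive's own time estimate for the erase, which is useful when planning a batch of laptops.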
 
Came all set to try DBan. BUT....their laptops are ultra portables, thus no optical drive. So make a bootable USB drive. However, these models have a built in "recovery" hidden partition...such as on the Thinkpad X series, hit the blue button..and can basically run the recovery/restore from there.

However, DBan can only wipe a whole physical drive, I cannot tell it to leave the hidden 4 gig recovery partition alone.

Found Active KILLDISK..but the free version only does a single pass of ZEROs..but doing that now.

If someone's familiar with a product that can make and boot from a USB drive, and allow me to select partitions to wipe..and do more than a single pass..post 'em up!
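Added example (not part of any post in this thread): the `shred` command suggested earlier, pointed at a single partition with a chosen number of passes so that a recovery partition on the same disk is left alone, followed by a read-back check that only zeros remain. `/dev/sdX2` is a placeholder, and `wipe_target` and `verify_zeroed` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: overwrite one target with shred, then confirm it reads back
# as zeros. TARGET is a partition device such as /dev/sdX2 (placeholder) or
# a disk image file.

# Succeeds only if every byte of the target is 0x00.
verify_zeroed() {
    leftover=$(tr -d '\000' < "$1" | wc -c)
    [ "$((leftover))" -eq 0 ]
}

# wipe_target TARGET [PASSES]
wipe_target() {
    target=$1
    passes=${2:-3}
    if [ ! -e "$target" ]; then
        echo "no such target: $target" >&2
        return 2
    fi
    # Refuse to overwrite something that is currently mounted.
    if grep -qsF -- "$target " /proc/mounts; then
        echo "$target is mounted, refusing to wipe" >&2
        return 3
    fi
    # -n: number of overwrite passes, -z: finish with a pass of zeros,
    # -v: print progress for each pass.
    shred -v -n "$passes" -z "$target" || return 1
    # Read the whole target back; the wipe only counts if nothing but
    # zeros remain.
    verify_zeroed "$target"
}

# Usage (as root from a live USB, internal disk unmounted):
#   wipe_target /dev/sdX2 7
```

Because only the named partition device is opened, the other partitions and the MBR on the same disk are not written to.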
 
Why do you want to do more than a single pass?
 
The "Quality Assurance Manager" here told me the HIPAA regs are a minimum of "blah blah blah"...I think the 7 pass minimum DOD spec.

I agree...way overkill, and one pass with a format and reinstall for all intents and purposes should be unrecoverable as far as old data left behind. But with healthcare agencies worried about liability of lost patient data...and those stiff stiff fines imposed on them when they have to report that a laptop is lost, guess they just want to be "beyond 100% positive that no information is at risk".
 
Send Eddy Kurms at LSoft Technologies an email and ask if you can get an evaluation copy of Active@KillDisk and you'll have access to the full version. And as far as I can tell you can select which partition you want to wipe. Active@Killdisk also lets you kill a drive. I usually wipe entire drives and not by partition anyways, but from the screen it lets you choose what you want to wipe.
 
i've used killdisk more than i care to count. relatively quick and painless. free version should do you fine for a single wipe of zeroes + OS install. i understand the "need" for hardcore data destruction being around healthcare and all. it really comes down to the point of having a set of spares pre-zeroed/reinstalled, plug and play the spare into the laptop and nuke the old one when time allows. that'd be the "fastest"....you didn't mention cheap. :p
 
Okay that's a different story then.

Are all the laptops the same? If so, make an image of the recovery partition and MBR, DBAN the drives, then restore the recovery partition and MBR back to the drives.
 
Neg...unfortunately a mixture of Thinkpad X40, X60s, X200, X61, Fujitsu Life (although these have optical drives), and one Dell in the mix.
 
Ah well, you could do the same routine for each model.. but that might be more hassle than you're willing to deal with.
 