security
Categories:

Wiping Free Space

Creates 1GB files full of zeros. Wipes almost all of the free space. Use a for loop to create the files on each filesystem. Run until the filesystem fills up before deleting zero files.

for (( i=1; i<=10; i++ ))
do
    num=$(printf "%03d" $i)
    echo $num
    dd bs=1024 count=1024K if=/dev/zero of=zero-$num
    sync
done

Wiping a Whole Drive

In RedHat Enterprise, and maybe others:

badblocks -w -s -p # [device]

Where # is the number of passes you want to use and device refers to the partition (/dev/sda1) or whole device (/dev/sda) you want to wipe.

Categories:

TrueCrypt 5 was released yesterday, the long awaited (by some, anyway) version of the excellent TrueCrypt software. TrueCrypt allows you to encrypt sensitive data on your hard disk, like financial information, passwords, etc..., and the best part is that it's free and open source.

In addition to the already great ability to encrypt regular files, TC5 now supports full disk encryption, which allows your entire disk, including the operating system, to be encrypted. This is especially relevant for laptops which can easily be stolen. We've all heard the news about some government laptop with 1,000s of social security numbers on it getting stolen, and this feature of TC5 will go a long way in helping to prevent this type of data loss/theft.

Before I get into it, I want to address this right off the bat. Too many people approach security issues with a "why bother" attitude. That sort of attitude will only come back to bite you in the end. Never EVER approach a security issue assuming that another person "will never figure it out", or "what are the chances someone will find this?", because eventually you will lose. You might get lucky and never have an issue, but real security does not rely on luck. The consequences of not protecting yourself FAR outweigh the "hassle". Once you see how easy it is to get real security, you won't have an excuse not to use it.

-----