cancel
Showing results for 
Search instead for 
Did you mean: 

Any Veritas secure eraser tools to erase Veritas file system

sirius20d
Level 2

Hi All,

We have Veritas file system running in our sun fire solaris. We need to secure erase the data in it. Is there any Veritas secure eraser tools to erase Veritas file system?

Rg

Jack

1 ACCEPTED SOLUTION

Accepted Solutions

mikebounds
Level 6
Partner Accredited

The SF admin guide says:

 

The VxVM shred operation provides the following methods of
overwriting a disk:
■ One-pass algorithm
   VxVM overwrites the disk with a randomly-selected digital pattern. This option
   takes the least amount of time. The default type is the one-pass algorithm.
■ Three-pass algorithm
   VxVM overwrites the disk a total of three times. In the first pass, VxVM
   overwrites the data with a pre-selected digital pattern. The second time, VxVM
   overwrites the data with the binary complement of the pattern. In the last
   pass, VxVM overwrites the disk with a randomly-selected digital pattern.
■ Seven-pass algorithm
   VxVM overwrites the disk a total of seven times. In each pass, VxVM overwrites
   the data with a randomly-selected digital pattern or with the binary
   complement of the previous pattern.
 
Mike

View solution in original post

4 REPLIES 4

Gaurav_S
Moderator
Moderator
   VIP    Certified

Nop, no such tool from veritas .... you might need to use external Unix shredder utilities

 

G

mikebounds
Level 6
Partner Accredited

You can (assuming you are using vxvm as well as vxfs) in version 6 of volume manager - see:

https://sort.symantec.com/public/documents/sfha/6.0/linux/productguides/html/sfha_notes/ch01s06s01s0...

where it says:

 

Secure deletion of Veritas Volume Manager disks

When you decommission a disk that contained sensitive data, you may need to destroy any remaining data on the disk. In this release, VxVM provides the ability to shred the data on the disk to minimize the chance that the data is recoverable. When you specify the disk shred operation, VxVM shreds the entire disk, including any existing disk labels. After the shred operation, VxVM writes a new empty label on the disk to prevent the disk from going to the error state. The VxVM shred operation overwrites all of the addressable blocks with a digital pattern in one, three, or seven passes.

 

 

You could delete volume and use "init=zero" to recreate volume to zero out data, but would be easier to use dd to write zeros to the volume (dd if=/dev/zero of=/dev/vx/dsk/dg_name/volume_name) after umounting filesystem or use an O/S util if you need this to be properly shredded.

Note, if security is important for deleted files in filesytems you are keeping, then if you use "-o blkclear" when mounting filesystem then deleted files are completely erased before the space is reused - see vxfs_admin guide "Mount Options"

Mike

sirius20d
Level 2

Thanks mike, do you think Secure deletion of Veritas Volume Manager disks uses algorithm? e.g. dod, nnsa or usarmy?

mikebounds
Level 6
Partner Accredited

The SF admin guide says:

 

The VxVM shred operation provides the following methods of
overwriting a disk:
■ One-pass algorithm
   VxVM overwrites the disk with a randomly-selected digital pattern. This option
   takes the least amount of time. The default type is the one-pass algorithm.
■ Three-pass algorithm
   VxVM overwrites the disk a total of three times. In the first pass, VxVM
   overwrites the data with a pre-selected digital pattern. The second time, VxVM
   overwrites the data with the binary complement of the pattern. In the last
   pass, VxVM overwrites the disk with a randomly-selected digital pattern.
■ Seven-pass algorithm
   VxVM overwrites the disk a total of seven times. In each pass, VxVM overwrites
   the data with a randomly-selected digital pattern or with the binary
   complement of the previous pattern.
 
Mike