Solved

Remotely wipe a Linux server

Posted on 2009-07-02
16
1,062 Views
Last Modified: 2013-12-15
I have a Linux redhat server in a datacenter that I lease, we're switching companies and as part of the migration I want to securely wipe the old server's hard drive once we're done moving it. What command or program or shell script would I use to do this? I'm thinking use some kind of secure delete app first to clean the server up as much as possible then have something delete the entire partions and drive space or reformat at startup etc?
0
Comment
Question by:tonal
  • 5
  • 4
  • 2
  • +2
16 Comments
 
LVL 11

Expert Comment

by:techzter
ID: 24762415
So you do not have physical access to the server? I can't think of a way since to securely wipe it you will need some sort of local boot disk that can clear the partitions and wipe the data including the operating system. You will lose you access to the machine once the partitions have been deleted.
0
 

Author Comment

by:tonal
ID: 24762454
Right, I know that you normally use a book disk, that's why I'm asking is there something you can load from the hard drive that will run at next restart and wipe itself? I mean once it's loaded from the hard drive into memory then it can just delete the hard drive right? Maybe load something into the MBR a loader that wipes the drive etc?
0
 
LVL 11

Expert Comment

by:techzter
ID: 24762480
Thanks for asking the question. This will be interesting. I will have to mark this one as monitored to see if anyone has a solution for this. Sorry I don't have a suggestion for you at this time.
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 11

Expert Comment

by:techzter
ID: 24762943
Does the datacenter that is hosting the server have an IP based KVM switch that you can connect to from a remote location? If so you could ship a boot CD with the tools needed for wiping the drive. Just ask them to place the cd into the tray for you. After that you would be able to force a reboot and use the KVM as though you were physically at the computer in order to wipe it out.
0
 

Author Comment

by:tonal
ID: 24762958
No KVM, and probably wouldn't allow a CD to put in the server for security reasons.
0
 
LVL 5

Expert Comment

by:QEMS
ID: 24762983
I am guessing you are in the US from your time zone, but this type of activity may be frowned upon here in the UK. It could potentially be viewed as an offence under the Computer Misuse Act as you don't own the hardware.

I would guess it depends on whether this is a dedicated server with no other data on it, or whether you are on a shared server containing other user's data. If it is a shared server I'm sure there would be some objections!

Is this eventuality covered under the agreement you have with the data centre? Is data destruction offered as part of the service you have? Or is it an additional service you could request from the operators of the data centre? I'm guessing this is not an option since you're asking the question, but thought I'd mention it just in case.

I'd be interested to see what solution comes up, I would have thought it was possible but it may leave you in a vulnerable position if the operators of the data centre took offence at that activity.
Unfortunately I'm unable to offer a better option than having the conversation with the operators of the data centre.
0
 

Author Comment

by:tonal
ID: 24763077
Of course I can delete our data, it's our server and our data, we are doing it for security reasons as I dont' want our old hard drive just floating around with private data on it. And it's too important to trust the datacenter up to doing it right. It's not something I want to hope that it's done properly, but I may have no choice but to request that they wipe the server. They say that they do that anyway, but I bet they just reimage it, but I think reimaging isn't seucre.
0
 
LVL 5

Accepted Solution

by:
QEMS earned 125 total points
ID: 24763281
Working on the assumption they look after your backups, have you also considered what they do with the backups? Do you know how far back the backups go and on what medium they are stored?

Is it an option to request the physical drive and deal with it yourself that way?
0
 

Author Comment

by:tonal
ID: 24763361
Backups I know for sure expire on a rotational basis, they're stored in a robotic IBM SAN system, so I know that the old backups will expire and be deleted in a couple weeks.

I could request the Hard drive, but I did that before with a datacenter when a server crashed and the backups had a problem for some files. What they did shocked me, I told them I needed it ASAP. They said we'll try to ship it today, then they got back to me a bit later and said my hard drive is packed and sitting by the back door of the data center waiting for Fedex to pick up! Jesus... So my hard drive was just sitting there outside the data center in a box waiting for some skateboarder or something to roll up and ride off wtih it !? lol unbeliable, that datacenter is no longer in business by the way. Ever heard about the Valueweb/Affinity/Hostway outage/migration nightmare they did, well that was them, and when I heard they got bought out and want to migrate my servers, I was out of there fast to a new datacenter and it was a good thing too as old servers where down for over a week! I would have lost all my customers I'm sure.
0
 
LVL 11

Assisted Solution

by:techzter
techzter earned 125 total points
ID: 24763474
It is sounding like actually taking possession of the physical hard disks, or server, may be the best option for you. Perhaps instead of asking them to ship it via FedEx, or UPS, you could arrange for a private courier to meet them on location to ensure the machine was not ever unattended outside of a secure area. This courier could than deliver the machine directly to you.

Or you could ask them to provide in writing the procedure that they use to ensure that all data has been removed from the drive. Unfortunately there would have to be some level of trust that they follow procedure. You would be covered legally at least by showing that you had taken the precautionary steps to ensure that the data was properly dealt with. If there was a breach of data security it would fall to them for being at fault for now following the procedure they had agreed to.
0
 
LVL 7

Assisted Solution

by:rcflyr
rcflyr earned 125 total points
ID: 24764691
I have used wipe to do a secure delete of the data, but it has some limitations you may want to look into first:

http://wipe.sourceforge.net/

0
 
LVL 7

Expert Comment

by:rcflyr
ID: 24764697
0
 
LVL 5

Expert Comment

by:AngelGabriel
ID: 24768629
i would use a variation of the method used to change a linux distro on virtual servers. Basically, it involved somehow using chroot to create a small linux install in an unmounted, prewiped swap partition, and then passing control over to it - and unmounting all the other partitions, and using the tools in the chroot wipe the partitions, all that would be left on the server, would be your small chroot jail that had the wipe command in it.

i know i'm paraphrasing up there, but it may jog the memories of some who have done it in the past.
0
 
LVL 5

Assisted Solution

by:AngelGabriel
AngelGabriel earned 125 total points
ID: 24768647
http://www.emmajane.net/node/916

I found a link describing what I mean - follow those instructions, except include tools that you use to wipe the partitions as much as you like.
0
 
LVL 11

Expert Comment

by:techzter
ID: 24784275
Nice solution AngelGabriel. That is a clever way to reinstall the OS.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question