Solved

Remotely wipe a Linux server

Posted on 2009-07-02
16
1,050 Views
Last Modified: 2013-12-15
I have a Linux redhat server in a datacenter that I lease, we're switching companies and as part of the migration I want to securely wipe the old server's hard drive once we're done moving it. What command or program or shell script would I use to do this? I'm thinking use some kind of secure delete app first to clean the server up as much as possible then have something delete the entire partions and drive space or reformat at startup etc?
0
Comment
Question by:tonal
  • 5
  • 4
  • 2
  • +2
16 Comments
 
LVL 11

Expert Comment

by:techzter
Comment Utility
So you do not have physical access to the server? I can't think of a way since to securely wipe it you will need some sort of local boot disk that can clear the partitions and wipe the data including the operating system. You will lose you access to the machine once the partitions have been deleted.
0
 

Author Comment

by:tonal
Comment Utility
Right, I know that you normally use a book disk, that's why I'm asking is there something you can load from the hard drive that will run at next restart and wipe itself? I mean once it's loaded from the hard drive into memory then it can just delete the hard drive right? Maybe load something into the MBR a loader that wipes the drive etc?
0
 
LVL 11

Expert Comment

by:techzter
Comment Utility
Thanks for asking the question. This will be interesting. I will have to mark this one as monitored to see if anyone has a solution for this. Sorry I don't have a suggestion for you at this time.
0
 
LVL 11

Expert Comment

by:techzter
Comment Utility
Does the datacenter that is hosting the server have an IP based KVM switch that you can connect to from a remote location? If so you could ship a boot CD with the tools needed for wiping the drive. Just ask them to place the cd into the tray for you. After that you would be able to force a reboot and use the KVM as though you were physically at the computer in order to wipe it out.
0
 

Author Comment

by:tonal
Comment Utility
No KVM, and probably wouldn't allow a CD to put in the server for security reasons.
0
 
LVL 5

Expert Comment

by:QEMS
Comment Utility
I am guessing you are in the US from your time zone, but this type of activity may be frowned upon here in the UK. It could potentially be viewed as an offence under the Computer Misuse Act as you don't own the hardware.

I would guess it depends on whether this is a dedicated server with no other data on it, or whether you are on a shared server containing other user's data. If it is a shared server I'm sure there would be some objections!

Is this eventuality covered under the agreement you have with the data centre? Is data destruction offered as part of the service you have? Or is it an additional service you could request from the operators of the data centre? I'm guessing this is not an option since you're asking the question, but thought I'd mention it just in case.

I'd be interested to see what solution comes up, I would have thought it was possible but it may leave you in a vulnerable position if the operators of the data centre took offence at that activity.
Unfortunately I'm unable to offer a better option than having the conversation with the operators of the data centre.
0
 

Author Comment

by:tonal
Comment Utility
Of course I can delete our data, it's our server and our data, we are doing it for security reasons as I dont' want our old hard drive just floating around with private data on it. And it's too important to trust the datacenter up to doing it right. It's not something I want to hope that it's done properly, but I may have no choice but to request that they wipe the server. They say that they do that anyway, but I bet they just reimage it, but I think reimaging isn't seucre.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 5

Accepted Solution

by:
QEMS earned 125 total points
Comment Utility
Working on the assumption they look after your backups, have you also considered what they do with the backups? Do you know how far back the backups go and on what medium they are stored?

Is it an option to request the physical drive and deal with it yourself that way?
0
 

Author Comment

by:tonal
Comment Utility
Backups I know for sure expire on a rotational basis, they're stored in a robotic IBM SAN system, so I know that the old backups will expire and be deleted in a couple weeks.

I could request the Hard drive, but I did that before with a datacenter when a server crashed and the backups had a problem for some files. What they did shocked me, I told them I needed it ASAP. They said we'll try to ship it today, then they got back to me a bit later and said my hard drive is packed and sitting by the back door of the data center waiting for Fedex to pick up! Jesus... So my hard drive was just sitting there outside the data center in a box waiting for some skateboarder or something to roll up and ride off wtih it !? lol unbeliable, that datacenter is no longer in business by the way. Ever heard about the Valueweb/Affinity/Hostway outage/migration nightmare they did, well that was them, and when I heard they got bought out and want to migrate my servers, I was out of there fast to a new datacenter and it was a good thing too as old servers where down for over a week! I would have lost all my customers I'm sure.
0
 
LVL 11

Assisted Solution

by:techzter
techzter earned 125 total points
Comment Utility
It is sounding like actually taking possession of the physical hard disks, or server, may be the best option for you. Perhaps instead of asking them to ship it via FedEx, or UPS, you could arrange for a private courier to meet them on location to ensure the machine was not ever unattended outside of a secure area. This courier could than deliver the machine directly to you.

Or you could ask them to provide in writing the procedure that they use to ensure that all data has been removed from the drive. Unfortunately there would have to be some level of trust that they follow procedure. You would be covered legally at least by showing that you had taken the precautionary steps to ensure that the data was properly dealt with. If there was a breach of data security it would fall to them for being at fault for now following the procedure they had agreed to.
0
 
LVL 7

Assisted Solution

by:rcflyr
rcflyr earned 125 total points
Comment Utility
I have used wipe to do a secure delete of the data, but it has some limitations you may want to look into first:

http://wipe.sourceforge.net/

0
 
LVL 7

Expert Comment

by:rcflyr
Comment Utility
0
 
LVL 5

Expert Comment

by:AngelGabriel
Comment Utility
i would use a variation of the method used to change a linux distro on virtual servers. Basically, it involved somehow using chroot to create a small linux install in an unmounted, prewiped swap partition, and then passing control over to it - and unmounting all the other partitions, and using the tools in the chroot wipe the partitions, all that would be left on the server, would be your small chroot jail that had the wipe command in it.

i know i'm paraphrasing up there, but it may jog the memories of some who have done it in the past.
0
 
LVL 5

Assisted Solution

by:AngelGabriel
AngelGabriel earned 125 total points
Comment Utility
http://www.emmajane.net/node/916

I found a link describing what I mean - follow those instructions, except include tools that you use to wipe the partitions as much as you like.
0
 
LVL 11

Expert Comment

by:techzter
Comment Utility
Nice solution AngelGabriel. That is a clever way to reinstall the OS.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now