Disk wipe utility for Dell servers with PERC Raid card.

Please read carefully.  I am looking for a free utility which will allow me to wipe (minimum 2 wipe) my Dell poweredge servers.  The utility must be able to recognize the Dell PERC SCSI and or SAS RAID adapter to allow me to wipe all the drives on the system.

I am looking for a FREE utility to do this.  Please do not make a recommendation unless this is something that you know works.  I know how to search the net and have already done so with little success at finding a solid solution.  I have to wipe 15 servers so Kill Disk is not an option.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The operating system?
kaparaAuthor Commented:
should not be associated with an OS.  This is a complete wipe of the entire system.  Meaning all drives!
Boot from a linux live cd and use dd:

dd if=/dev/random of=/dev/dsk....

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

kaparaAuthor Commented:
Which Linux live cd will recognize the Dell poweredge raid controller to allow me to write to the disks?

kaparaAuthor Commented:
My systems have between 3-6 drives.  How will I do this for all the drives?  Can I do this to a raid array or do I have to do it to each drive individually?
Reading this : http://www.delltechcenter.com/page/Linux+RAID+and+Storage
I would say ever 2.6.x Linux should do it...
Aah and for speeding up things, you may consider using /dev/zero as input and/or using a larger blocksize e.g. bs=4096
.. You may write to the array, but if this is configured as Raid 5 it would be slow.
Breaking up the array and star a dd job for every single disk will be the fastest
No free utility will do this, especially if the controller is operating in some sort of RAID mode.  The problem for the developer, is if the disk is in RAID mode, then the host O/S doesn't see the disk. It sees the RAID set.   If you are in even a single-disk RAID0, then the external O/S does not have access to 100% of the drive.   So now you need a developer's agreement with LSI so you can get access to the secret sauce.  Good luck if you don't bring anything to the table that motivates LSI to want to do that, especially if you sell competitive products.  So you have to be connected, and have to write software for RAID appliances and provide a value-added to THEIR customers.   It is a political and marketing hurdle.

So wave the magic wand and assume you have access to what you need to know.  Now you are dealing with an engineering problem.   You have to be very careful and if you mess up, then the RAID controller will think the disk failed and then go into some recovery intelligence. The drive just went offline, and now metadata is disappearing... the controller is NOT happy.  It fails the drive, maybe it then starts to get rebuilt.  The controller firmware crashes.  This isn't in any test scenario. Their firmware engineers have no idea if it will even work.  LSI isn't going to burn $10,000 of development resources to test or even look at it.  

Let's now say you're a genius :) and figure something out.

Next issue .. legal.  That non-disclosure says you cant provide any source code, or their lawyers take your house, business and children away.

So you are single, and now living off in some island.

Final hurdle, why in the heck would you spend all that time and money and give it a way for free?!!

Now in interest of full disclosure, my company actually has this problem solved, as we write software for companies that make appliances and have the full blessing of LSI.  Rules of EE prevent me from soliciting, and I am by no means soliciting, I am telling you why such a product that works with the RAID controllers can and will never exist for free, and to my best knowledge, nobody else has been able to do it, and even then, we don't support everything.  

Now if you are willing to crack open the case and put in a non-RAID controller, then simply enter
dd if=/dev/zero of=/dev/xxxxx   bs=1024k      (After booting to linux and figuring out the right device paths).   This is easy, but if you don't reconfigure the hardware then you will leave yourself exposed.  
Warning .. IF it is configured in ANY raid level, you can't possibly get the metadata. Prove it to yourself.  what does the capacity report, even on a RAID1.  If the disk is 500,000,000 bytes on the label, but if your BIOS or O/S says the disk is 499,xxx,xxx bytes, then no way was the disk erased.  

If you require compliance for HIPAA reasons, for example, this is a legal liability and current US Law puts the sysadmin and company senior management PERSONALLY and CRIMINALLY liable.  My advice, buy commercial software that does it right.  There are other issues like how to handle reserved/reallocated sectors and the verification/auditing stage.  Just because you tell dd to do it, if you can't PROVE it did 100% you are not compliant.

Sorry about the soopbox, but i've seen people burned.
kaparaAuthor Commented:
so if I delete the array and wipe the drives individually then that should work correct?
kaparaAuthor Commented:
esspecially if I do multiple wipes with random generation of data?
Yes, but not all controllers will actually let you present the raw disk drive.  That is the point, the sure-fire way under linux to know is do a cat /proc/scsi/scsi   If make/model is seagate such-and-such then you are safe because you are really talking to the disk, but if it says LSI, DELL, PERC, whatever, you know you are talking to a virtual drive so you will leave stuff.

Proper wiping requires 3 writes and then a verify pass.  The writes are all zeros, ones, then random.  so you have /dev/random and /dev/zero.   Do them both and if you just want to blow data away so that only somebody with a million bucks and access to CIA resources can get to it, then you are fine.  But technically you don't really know if it was done w/o doing the read/ pass to verify and the 1s pass, and there is no audit trail.    

Between you & me, yes, highly likely it is done, and i could sleep at night, unless this is for a 3rd party who needs those audit trails and compliance because it is medical, or there may be a credit card somewhere in the data. They can send you to federal prison, i've been told, so probably a felony. I'm not an attorney, but did go to a fire & brimstone lecture where they told us don't even think about  doing it wrong.  And if I'm on a soapbox unnecessarily, no prob.

Alternately, there are companies that will just do it for you in the $20 - $25 per disk, like http://www.geepglobal.com  who are recyclers and will break the machines down to gold, copper and such and wipe the disks for you in the process.   Or even though you don't want to pay money there are solutions out there that will cost you in the $500 range like santools.com software that works on non-RAID, or you could go with something from tabernus.com who makes various appliances to do this, just depends on if this is a regular thing or one-time only.  Hmm, you could buy a degausser which is great, it nukes disks with a magnetic field.  Very fast, 100% effective but make sure you buy one strong enough, it also turns disks into a paperweight that could never be used again as it erases sectoring.  It might be more cost effective and only takes a minute per disk.   Hope it has been helpful -cheers

kaparaAuthor Commented:
I need to keep the systems and drives but they are required to be wiped before shipping.  My systems are sas not scsi.  Is there a different command for that rather than  cat /proc/scsi/scsi  for sas?  
Nope. Everything I said applies exactly the same.  Reason is that SAS is SCSI by the way, just Serial SCSI.  The older SCSI you are familiar with is correctly called parallel SCSI.  (Fibre channel, just to be complete is also a form of Serial SCSI)
I don't know why Dlethe use so many words to scare you, but my understanding was that you are looking for a tool to wipe the userdata on the disk and not to destroy the disk or the firmware.
Sure if you a more concerned about legal compliance, go spend some bucks for the said tools and a lawyer
kaparaAuthor Commented:
When you say a verify pass does that mean if I have a scsi or sas card which is not raid and I am able to directly access the drives then the following would be acceptable using a Linux Livecd?  This assumes I see the drives as you mentioned.....

cat /proc/scsi/scsi   (This should reference each drive...ie sda, sdb and the make, model..etc?)

1st pass:  dd if=/dev/zero of=/dev/sda
2nd pass:  dd if=/dev/urandom of=/dev/sda
3rd pass:  dd if=/dev/zero of=/dev/sda

I will do this for each drive?  ie....sda, sdb, sdc

dd if=/dev/sda | hexdump -C | grep [^00] (For each drive after both passes have completed for each drive.)

The idea was to script this and output to a file for audit trail.

Would this process be acceptable?  How would I verify regarding reserved/reallocated sectors?
One of the passes has to be all ones.  A better alternative would be to make a 2nd random pass.

Piping dd through hexdump is going to take a LONG time too, but the shell script is better than nothing.

You will also have to get a byte count on the read and make sure it matches the entire disk, and also report block counts, and do without the reallocated sector count, as you just can't do that with dd.

Not bad, but to be frank, if these disks are 1TB or greater, then it will probably take all week to run.
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.