Last Updated on December 3, 2015 by Dave Farquhar
A friend asked me a favor in church one Sunday: He had a computer he wanted to clean off so he could donate it, but since it had financial data on it, he wanted to make sure it was cleaned up securely. I recommended Darik’s Boot and Nuke, which I’ve recommended before, but he wasn’t able to get it working for whatever reason. So he asked if I would clean it if he dropped it off. I agreed.
Rather than burn a DBAN disc, I just took the hard drive out and put it in a Linux box and wiped it with that. It was easier than trying to find a blank CD.
I suspected it was /dev/sdb, the second hard drive. So I ran the following:
fdisk -l /dev/sdb
And I received the following output:
Disk /dev/sdb: 160.0 GB, 160000000000 bytes 255 heads, 63 sectors/track, 19452 cylinders, total 312500000 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xd0f4738c Device Boot Start End Blocks Id System /dev/sdb1 63 144584 72261 de Dell Utility /dev/sdb2 * 144585 305090414 152472915 7 HPFS/NTFS/exFAT /dev/sdb3 305090415 312496379 3702982+ db CP/M / CTOS / ...
That told me what I needed. The drive is at /dev/sdb, and the data is on /dev/sdb2. I left the other partitions alone, since it’s a Dell computer. The first partition looks like a utility partition and the third one looks like some kind of recovery partition.
So I wiped /dev/sdb2 with the following:
dd if=/dev/urandom of=/dev/sdb2 bs=1024k
This overwrites the partition with random data. On this 156 GB partition, it took a while–something like three hours. I then followed it up with this:
mkfs.ntfs /dev/sdb2
This creates a valid NTFS filesystem on the partition, but first overwrites it with zeroes.
Overwriting multiple times would be better, but writing random data, then zeroing it out, formatting the partition and installing Windows on it is likely to be safe enough. At that point, recovering data from the drive is likely to cost more than the data is worth.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.