How to Securely Erase Hard Drives

 Security  Comments Off on How to Securely Erase Hard Drives
Nov 242019
 

Recently I found a few old 2.5” laptop hard drives in storage and figured I would try sell them for a few bucks on Ebay but first I wanted to make sure my personal data on them was erased. As an experienced sys admin I am already in the habit of formatting an old PC hard drive before replacing it with a newer one.  However, just deleting the data off a hard drive is not enough to prevent someone else from potentially recovering your data and putting you at risk of identity theft. In fact in 2010 a UK study of 200 hard drives obtained online found 48% still had readable information on them.

Disclosure: This post may contain affiliate links, meaning I get a commission if you decide to make a purchase through my links, at no cost to you. Please read my disclosure for more info.

Without getting too detailed when deleting files on your computer the operating system will simply mark the space storing them as “free” space to be overwritten later by new files -not physically deleting the old ones.  You may no longer see that file on your computer but it’s technically still there until the OS physically writes new data (i.e new files) in that same space. This mechanism is in fact how data recovery programs are able to get your files back so easily when you accidentally delete something.

While researching how best to go about erasing data I learned there are few things to take into consideration to get the best results. For example Solid State Drives (SSD) require more attention to securely erase data than traditional Hard Disk Drives (HDD) because SSDs use flash memory to store data -there is no physical disk being used. Time is another important consideration is because erasing your data may take several hours depending on the method that you choose. And contrary to popular belief drilling holes or shooting your old disk drive with a gun while entertaining will not completely destroy the data on it. Yes it damages parts of the drive but data contained on the other parts could still be recovered. The average home user will not have the hardware or willingness to recover said data but it still needs to be mentioned.

In this walkthrough I show how to securely erase a hard drive using the free tool DBAN – Darik’s Boot and Nuke.

image

 

Secure Erase or Securely Erasing?

There’s quite a bit of confusing terminology with regards to data erasure.  For example Secure Erase refers to the ATA Secure Erase commands which are run using the firmware of a hard drive. You can’t access these commands from within a Windows command line. You have to leverage a software tool to execute the commands against the drive’s firmware. Securely erasing refers in general the techniques or methodology used to eliminate or better yet sanitize your personal data from a hard drive. One of those methods is Secure Erase and another method is overwriting the the old data multiple times with new data.

 

Setting Things Up

Since the hard drives I wanted to erase were not physically installed in a computer I needed a convenient way to attach them to my PC without having to reinstall anything. To accomplish this I used the Sabrent 2.5” SATA HDD/SDD to USB 3.0 Adapter. It worked flawlessly and did not require any effort to configure beyond connecting cable to drive and the other end to my PC.

image

 

On my PC, a Dell 2720 I have VMware Workstation 15 Player installed with Windows 10 x64. In the properties of that VM I have a virtual CD-ROM configured which loads the boot .iso file of the tool I am using to erase hard drives. One challenge I experienced with this setup was that the free edition of VMware Player would not recognize the boot image. Initially the VM would just go straight to the Windows desktop ignoring the boot .iso file.  To remedy this I discovered that you have to edit the VM’s .vmx conf file (using Notepad) and delete the entry for firmware = “efi”. After deleting this line, simply save the file, restart the VM, and then the boot .iso file will work as expected.  To locate this file just go to the path where the VM is stored. The .vmx file is in the root folder. If you have the Pro version of WMware Workstation Player you can edit this setting in the VM’s Advanced Settings. Once you’re done using the .iso image you may need to replace the firmware=”efi” statement to get Windows to load properly. Otherwise if you create a blank VM without an OS installed you can leave the firmware statement out of the config file permanently.

image

 

DBAN – Darik’s Boot and Nuke

Darik’s Boot and Nuke created by Darik Horn is probably the most well known free data destruction tool.  In 2012 it was acquired by a 3rd party that sells their own data wiping tool but DBAN is still free and available to download from SourceForge.net. DBAN “erases” your data by overwriting the entire disk drive multiple times with new, irrelevant data in accordance with complex algorithms. You could think of this process as digital file shredding.

image

 

The home screen has a friendly warning just in case you weren’t sure what the purpose of the software is.  Pressing Enter will start interactive mode which allows you to select which hard drive to erase.

image

 

On the next screen use the J / K keys to move up and down the list of available drives and press Enter to select the drive to erase. Upon pressing enter you’ll see the word wipe next to your selection. Next just press the F10 key to start. In this example I am using the DoD Short method which features 1 Round with 3 passes to erase the data.

 

image

 

In the picture above you can see the progress, with 50% complete, there are still 4 hours to go. So this 320 GB 5400 RPM drive will require approximately 9 hours to complete erasing using the DoD Short method.

 

image

As a comparison I also used DBAN on a 250 GB SSD and as expected the performance was considerably better with 57% complete in only 2 hours.

 

image

 

Samsung Magician Secure Erase

Samsung EVO drives are among the fastest SSDs you can get. If you are using them you should download the free tool Samsung Magician. In additional to offering several health and performance tools it also features Secure Erase.  I won’t go into detail of this tool here but just wanted to call it out in case you weren’t aware of it.

image

 

image

In Summary

Erasing data off your disk drive or Solid State drive is an easy but important step you can take to minimize any chance of your personal data from being discovered when you sell or recycle your old drives.  Secure Erase or Darik’s Boot and Nuke are two tools that make it easy to erase your data permanently. Thanks for reading!

Avatar

Peter Viola

Creative, customer focused, results oriented, Senior Web Systems Engineer who enjoys providing the highest level of customer service supporting complex Windows hosting solutions. MCITP, MCSA, MCTS

More Posts - Website

How to Hot Add CPU and RAM with VMware vSphere

 Windows Server 2008, Windows Server 2012  Comments Off on How to Hot Add CPU and RAM with VMware vSphere
Aug 092014
 

One of the many benefits of using virtual servers over physical servers is the ability to add server resources such as CPU, RAM, and disk space on the fly without downtime. An addition drawback with a physical server is that you were often limited by the physical capacity of the server.  Once those limits were reached the server couldn’t be upgraded further.  Adding resources also required powering off the server which in turn would require coordinating with business owners and impacted users. Not all editions of Windows support hot-add so be sure to confirm your server is supported before starting. In this walkthrough I’ll show how easy it is to add server resources using VMware’s vSphere client.\r\n

Logging into vSphere Client

\r\nAfter authenticating on my network with the VMware vSphere 5.5 client I go to Hosts and Clusters under Inventory. From here I have access to all the virtual servers configured in our environment. After selecting the server to be upgraded you will be see the Getting Started tab. From here you have access to the usual administrative tasks such as starting, stopping, and restarting the server as well as performance reporting and events about the server. Click Edit virtual machine settings to add resources.\r\n\r\nCapture2\r\n\r\n \r\n

Enabling RAM and CPU Hotplug

\r\nAdding the additional resources is straight forward. However when you begin you may find the CPU and Memory properties disabled. This indicates that the server has not been been previously enabled for hot adding resources. In this instance the server will need to be shutdown before you can upgrade these resources.\r\n\r\nCapture3\r\n\r\n \r\n\r\nFortunately fixing this for future upgrades is a simple matter. When the server is powered down click on the Options tab of the Virtual Machine Properties. Under the Advanced settings go to the Memory/CPU Hotplug properties. Click Enable memory hot add and Enable CPU hot add. Click OK to save the changes. After the server is powered back on you will now be able to add CPU and Memory without having to first shutdown the server.\r\n\r\n \r\n\r\nUntitled-1\r\n\r\n \r\n\r\nTo add additional virtual CPUs simply increase the Number of virtual sockets and click OK to save the changes.\r\n\r\ncore\r\n\r\n \r\n\r\nTo add additional Memory to the server adjust the Memory Configuration accordingly and click OK to save.\r\n\r\nUntitled-2\r\n\r\n \r\n\r\n \r\n

Adding Additional Disk Space

\r\nIn addition to adding CPU and Memory to the server during this maintenance window I am also going to add disk space. Adding additional disk space is just as straight forward as adding CPU and Memory. In the Virtual Machine Properties on the Hardware tab go to the Hard disk settings. Increase the Provisioned Size by the new amount and click OK to save the changes. Windows will not automatically recognize the new space so the final step of the upgrade will be log into the server and Extend the server’s disk drive. This can either be accomplished using vShere’s server console window or by connecting to the server with Remote Desktop.\r\n\r\nCapture5\r\n\r\n \r\n

Extending Windows Disk Space

\r\nAfter logging into Windows open the Computer Management snap-in. In the console tree click on Disk Management under Storage. You may need to Rescan the disk before Windows will see that the new space is available.\r\n\r\nCapture6\r\n\r\n \r\n\r\nStep through the Extend Volume Wizard to allocate the additional space on the existing volume.\r\n\r\nCapture7\r\n\r\n \r\n

In Summary

\r\nVMware vSphere offers System Administrators complete control over virtual server properties. Adding additional CPU, RAM, and disk space is  straight forward and in many cases can be performed without having to shutdown the server.  To help minimize downtime of your next maintenance window, double check the edition of your Windows server supports hot-add and confirm the Memory/CPU Hotplug property has been enabled. Thanks for reading.

Avatar

Peter Viola

Creative, customer focused, results oriented, Senior Web Systems Engineer who enjoys providing the highest level of customer service supporting complex Windows hosting solutions. MCITP, MCSA, MCTS

More Posts - Website