DiskSlaw is a tool for mass wiping of disks whether they be mechanical or solid state.
I wanted a solution that would:
- Use the most appropriate wiping method for a media
- Worked across manufacturers
- Could be booted from USB and not wipe its own USB
- Once setup was relatively easy to use
- Was customizable to allow automated reporting
Existing solutions forced either :
- Only wrote random data to the drive, this is not the preferred method to wipe solid state media
- Only worked on drives made by the same manufacturer
- Required booting into a Linux distro and running the commands manually
- Parallel wiping if multiple disks exist
- Quick validation that the disk was wiped by placing a string on the disk thrice and ensuring it was removed
- ISO Built on Ubuntu 18.04 Bionic for hardware support
- Selects the correct wipe type for a disk
- NVMe Secure Erase using nvme-cli on NVMe disks
- SATA Secure Erase on Disks that support it (Typically SSDs)
- Detects if the drive is "frozen" by the OS and will enter sleep mode to unfreeze it
- Shred using Random or Zeros if none of the above are supported
- Configurable
- Skip certain devices - Defaults to skipping USB and removable devices
- Erase type can be changed
- Can launch custom wrapper script over http/https using CUSTOM_SCRIPT kernel argument
- Requires use of the custom_script ISO
- Custom script can inject CSV report to send along to documentation system or notification
The NVMe drive shows a warning because VirtualBox doesn't emulate NVMe format so it fell back to using shred
Overview of use
- Download ISO from releases
- Burn ISO to disk
- Boot the flash drive by using F12/F10 to select it from the boot menu on the PC you would like to wipe
- Download the ISO from releases
- Use a tool such as RUFUS or YUMI to create a bootable flash drive by pointing to the ISO
- Boot the flash drive by using F12/F10 to select it from the boot menu on the PC you would like to wipe
Using iPXE is recommended due to the download being over half a gigabit. See Setting Up Network boot on a Linux Server on the Wiki for a step by step guide
- Configure the DHCP scope to boot ipxe - See instructions from ipxe.org Chainloading iPXE on ipxe.org
- Download the ISO from releases
- Extract or mount the ISO
- Copy the filesystem.squashfs vmlinuz, and initrd from our disk (v0.3-alpha) or higher 4.1. If you use Microsoft IIS as your web server you will need to add ".squashfs" and "." as a MIME type of "application/octet-stream"
- Create an iPXE script like below to boot the disk (WARNING : It will autoamtically wipe without further input unless there is a frozen SSD)
#!ipxe
kernel http://<WEBSERVER>/vmlinuz
initrd http://<WEBSERVER>/initrd.lz
imgargs vmlinuz boot=live dhcp fetch=http://<WEBSERVER>/casper/filesystem.squashfs nouveau.modeset=0 nomodeset --
boot
To build this fork:
- Install Debian 9 Stretch OS
- Install git and clone this repo
- chmod +x build.sh
- ./build.sh to begin running it.