SANS Digital Forensics and Incident Response Blog: Tag - disk wiping

Sanitizing Media (The Linux Method)

Hal Pomeranz, Deer Run Associates

I've been wiping a lot of media lately. Mostly these are USB devices that we've used to share evidence and other data during an investigation. I want to be sure that I don't accidentally disclose any data from my cases, and I also want to know when I reach into my bag for a USB stick that it's not going to be polluted with other data. And when I get new media (from a vendor, trade show, or whatever) I always have a strict policy of wiping the drive completely from my Linux box (which is specifically configured not to automount new media) before it gets near any Windows machines that might have autoruns enabled.

Happily, Linux makes this whole process quite straightforward with just a few simple command-line tools.