Best way to create your own 'wipestation'?

I used to use a machine with a dban disk all the time. If you can find a nice old tall tower unit, give it a decent PSU you can fill it with PCI IDE cards, buy a couple of SATA adapters and wipe a fair amount of drives at a time. I've wiped 6 (some of which were plugged in via usb caddies) at a time using a similar system but I'm not sure what the limits are.

The only problem I found with DBAN is that if there was a really duff hard drive it (sometimes) crash the entire process when it hit bad sectors on that device, stopping wiping on all others. Try scanning your drives with MHDD first, checking they work before wiping them. Also, MHDD is another acceptable way of wiping the drives if you can use the keyboard commands, it is just not as recognized a method as DBAN which can perform multiple and sudo random wipes

Well, wouldn't it be better using internal ATA commands?

Why not wiping on the "original" machine with a bootdisk and CMRR Secure Erase?
http//cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

Or if you go for the "wiping station" use hdparm
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Being an internal command of the ATA disk interface, it is faster than anything else (and allows also wiping some areas that software soultions won't be able to access).

jaclaz

P.S. Sorry for my bad english, it is not my main language.

And yet it's better than many for whom English is their main language.

Personally, I would wipe in the native machine as part of my upgrade process. That way, when your finish upgrading a work station, you are finished. Start your wiping utility at close of business on the day before you plan on upgrading the workstation.

First of all, thanks for the replies. I really appriciate it.

In the past I've studied a lot about wiping techniques and I remember Secure Erase. I've also used HDDErase and HDParm but I do have a bad expierence with it. I remember it only works in certain BIOS's and in the end the only way to use to tool was by 'hot-plugging' the drive. I've never used those tools ever since.

I rather remove the HDD's from the systems because I've got about 15 workstations standing next to me. Plugging in the cables, starting and monitoring the wipe process all the time would be a pain in the a*s. Plus, some have defect hardware (for example malfunctioning motherboard).

I do not want to spend a lot of time at the wipestation. I just want to create a wipe-task for multiple hard disks and come back after a couple of hours. I've got a lot of more stuff to do. If I would need to come back to type in a command to start another wiping process, the amount of manhours would increase, which will result in more costs for the company.

Also, I've read that a single-wipe (1-pass) would theoreticly be enough. Can anyone confirm this?

P.S. The outdated workstations are not used anymore. So I really have a open schedule. The new, upgraded workstations are gonna be placed in a new built area.

If you are going to ultimately shred the drives, spending a bunch of time wiping is going to be very tedious. I would suggest a degausser. Something as simple as this

Model 1100 Degaussing Wand (NSA Approved) Sale price $531.00

- Degausser does not require electricity for operation
- Easily sanitizes 100 hard drives per hour

Also, I've read that a single-wipe (1-pass) would theoreticly be enough. Can anyone confirm this?

Sure it is enough, and NO, noone can confirm this, the community is divided in two parts, people that believe that a single wipe is enough because every evidence leads to this AND they were never able to recover a single byte after a single pass and people that believe that more that one is needed (including a few that actually claim to have recovered data after a single pass but never provided any detail, report, or reproducible method, expecially with "new" hard disks -anything produced in the last ten to 15 years).

http//www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=2065
http//www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=3387

jaclaz

The NIST published a report in 2006 stating that a one-pass wipe is sufficient.

According to the 2006 NIST Special Publication 800-88 Section 2.3 (p. 6) "Basically the change in track density and the related changes in the storage medium have created a situation where the acts of clearing and purging the media have converged. That is, for ATA disk drives manufactured after 2001 (over 15GB) clearing by overwriting the media once is adequate to protect the media from both keyboard and laboratory attack."

If the NIST says it's fine, I won't argue…

if you are not using the hard drives again your cost to permanently discard the machines is a self cleaning oven and venting.

I have wrote about this before, but the 'fastest' way to "wipe" drives is bake them.

That is, put all the hard drives into the oven of a self cleaning oven, then put the oven on self-clean. I prefer electric instead of gas.

You can wipe maybe 50 drives in an hour. lol

The self cleaning phase (depending on the model) can be as high as 1,200F (648C). It is plenty high to completely lose their magnetism (heat induced flux degeneration) of the particles.

Most magnets lose their magnetism above 170F (80C), even Samarium-Cobalt and Nd-Fe-B will lose it at 648C.

Of course, the controller, gaskets, and every non-metallic material will be totally disintegrated too. Do not forget to vent the oven outside, and to have a deep enough metallic drip pan on the bottom! mrgreen

Greetings,

Conspiracy theorists would say that the NIST supports one pass wipes because their counterparts at NSA can recover data if its only been wiped once. -)

-David