RE: DoD approved disk wiping tool

["Steve Armstrong" <stevearmstrong () logicallysecure com>]

Although, not to US standards but to UK Government standards check out
the Directory of assured products -
http://www.cesg.gov.uk/site/publications/media/directory.pdf 

Alternatively look at the Common Criteria data security part of the
tested products guide -
http://www.commoncriteriaportal.org/products_DP.html#DP 

However, I cannot think that a standard that lets you wipe something you
cannot out your hand on would really have high requirements - it seem
too dangerous - if you get the IP address wrong and how does the
software run - not from the resident and running OS.

Most wiping software boots from its own writable media, installs its own
OS.  They record the size of the drive, confirm the wiping is to occur
and then wipes the drive.  Its clean up processes are to check the size
of the drive again, record the drives unique serial numbers and the
number of overwrites to a record that can be printed later (from the
writeable media).

So I cannot see how this can be done securely in a non local
environment.

HTH

Steve A

-------------------------------------------------------

Check out the Russix Support Forum @
http://www.logicallysecure.com/forum/viewforum.php?f=6 


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of JP Vicente
Sent: 27 March 2008 13:32
To: security-basics () securityfocus com
Subject: DoD aproved disk wiping tool

Hello,

Is there a way of wiping a hard drive remotely over a network using an
approved DoD 5200.28 standard hard drive wiping tool. Additionally, is
there a wiping utility besides bcwipe that is NSA approved?

JP