How much wiping do you do? :)

[nbaronian at gmail.com (Nick Baronian)]

http://www.metasploit.net/data/antiforensics/slacker.exe

Here is a good write up on it -
http://synfulpacket.blogspot.com/2008/11/metasploit-anti-forensics-project-mafia.html



On Wed, Apr 15, 2009 at 9:34 PM, Adrian Crenshaw <irongeek at irongeek.com>wrote:

> I sent a simular question to Scott Moulton, but I figured I'd ask in this
> gorup as well. I always wondered if wiping with more than just all zeros was
> necessary, then I saw this:
>
> http://16systems.com/zero.php
> and this
> http://www.anti-forensics.com/disk-wiping-one-pass-is-enough
>
> So, is it totally useless to wipe a drive more that once? What would it
> take to get the data off of a drive wiped once with all zeros?
>
> Also as a side note, Scott sent me a link to this tool awhile back that
> uses some on board stuff of modern drives to wipe even sectors marked as bad
> by the internal drive logic:
>
> http://crystalmark.info/download/index-e.html
>
> One more side note: Anyone know how I can wipe my slack space with an
> arbitrary set of bits? I though it would be funny to but the lemonparty jpg
> all over my slack space for investigators to find :)
>
> Thanks much,
> Adrian
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090415/911fdfdc/attachment.htm