Any time a hard drive leaves your possession, whether you’re recycling, reselling, or returning it to the manufacturer, you should securely delete the data it contains.
Although physically destroying your old hard drives or running them through a degaussing machine are probably the safest ways to protect your data. These options will destroy the drives along with the data. And, they may not be practical in all situations — like when you need to return a drive that’s under warranty.
If you need to wipe a drive’s data, but not destroy the drive, many recommend Darik’s Boot And Nuke utility or DBAN for short.
DBAN is a free tool, that’s distributed as a CD-ROM .ISO image, which you can download from the DBAN.org. Once you download the image, you can use it and an ISO burning utility like Nero or Windows 7’s built-in tool to create a bootable optical disk or USB drive.
Now, a word of warning before we go any further. DBAN will destroy the data on your hard drive. This is what it’s designed to do. Use the tool with extreme caution.
Download and build the bootable media on a test machine. So that if anything did go wrong and you accidentally ran the program, you wouldn’t lose any valuable data.
You should also clearly label and physically secure any copies. This isn’t the type of disc you want just sitting around the office.
Once you’ve created your DBAN media, you can use it to boot the target computer. Remember to make this happen, you may need to change the machine’s drive boot order in the BIOS.
The DBAN boot menu includes additional information on the tool and offers two modes of operation — the Interactive mode is a good way to get a feel for the tool. I’ll go over it first, then talk about the Autonuke mode.
You’re first step when using Interactive mode is selecting a drive to wipe. Here you can see that the tool has detected a 146 GB hard drive. For safety reasons, the example uses a virtual machine, and that is why the identified disk is listed as a VMware virtual disk.
Press the spacebar to select a disk, which will indicate the “wipe” action in the box next to the disk.
One thing you should know, if you’re using DBAN with RAID arrays or special disk controllers, just know that it may not recognize all disk types.
Once you’ve selected the drive you want to wipe, you can used the tool’s default method or specify a more thorough one by pressing M.
DBAN offers several wipe methods, which offer different levels of thoroughness. In this example we’re using the Gutmann Wipe method, but this may not be the best method in all situations. You’ll want to choose a method that suits your needs.
Depending on the method you select, the time required to wipe the drive will vary. And remember, larger disks will also take longer to wipe than smaller ones.
With the method and drive selected you can press F10 to start the wipe operation. A status page is displayed to identify the write throughput rate, runtime, estimated remaining time, and which pass the task is currently on.
Now, let’s return to the other main option in DBAN — Autonuke.
This starts DBAN automatically, and requires that the word “autonuke” is typed on the boot screen.
When the Autonuke mode starts, the enumerated devices are automatically sent the wipe command with the US Department of Defense Short Method. This is a triple-pass wipe taking sequences 1, 2, and 7 from the standard DoD 5220.22-M wipe.
Aside from Autonuke and Interactive mode, pressing F3 will show some additional one-liners to enter for a quick start on a wipe task. These include each of the methods available on the disk that are available as a command to enter from the boot prompt to start a wipe.
For example, to select DBAN’s implementation of the DoD 5220.22-M method, simply type “dod” to perform the wipe on all enumerated disks.