DECSEraser
Connection
| Storage Type | Connection Type | Method | Implemented? | Notes |
|---|---|---|---|---|
| Hard Drive (SATA) | SATA | 5.25" 4x Bay 3.5" Enclosure > 4x SATA SAS Card > PCIe Slot A | Yes | |
| Solid State Drive (SATA) | SATA | 5.25" 4x Bay 2.5" Enclosure > 4x SATA SAS Card > PCIe Slot A | Yes | |
| Solid State Drive (NVMe) | PCIe/M.2 | 5.25" 4x Bay NVMe Enclosure > MiniSAS to M.2 > M.2 Slot A | No | Not showing up in BIOS |
Erasing
| Storage Type | Erase Type | Method | Implementation | Implemented? |
|---|---|---|---|---|
| Hard Drive (SATA) | - Baseline - Secure Erase - Decommission |
- Clear Partitions - 3 Pass Write - 7 Pass Write |
- sgdisk - nwipe - nwipe |
Yes Yes Yes |
| Solid State Drive (SATA) | - Baseline - Secure Erase - Decommission |
- Clear Partitions - Secure Erase - 7 Pass Write |
- sgdisk - hdparm - nwipe |
Yes Yes Yes |
| Solid State Drive (NVMe) | - Baseline - Secure Erase - Decommission |
- Clear Partitions - Secure Erase - 7 Pass Write |
- sgdisk - nvme_cli - nwipe |
Yes Yes Yes |
Logging
| Info | Location | Log To: | Implemented? | Data | Notes |
|---|---|---|---|---|---|
| User | - Script Input | - Ticket - Logfile |
No | - Username | Probably can implement as part of the kerb auth |
| Wipe Details | - Script Input | - Ticket - Logfile |
No | - Erase Level - Device Type - Device |
|
| Script Output | - Terminal Output | - Logfile | No | - All script output | Via transcribing or output redirection |
| Machine Data | - Registry | - Ticket - Logfile |
No | - Machine Name - Domain |
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ComputerName HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters |
| Local Users | - Registry - Filesystem |
- Logfile | No | - Local User List | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList c:/Users |
| Domain Users | - Registry - Filesystem |
- Ticket - Logfile |
No | - Domain User List | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList c:/Users |
| Last Logged On User | - Registry | - Ticket - Logfile |
No | - Username | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI |
| Storage Info | - Other | - Ticket - Logfile |
No | - Serial Number - SMART Data |
smartctl |
| System Info | - Registry | - Logfile | No | - Manufacturer - Model |
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS Can't actually be done offline |
| Misc | - Misc | - Ticket - Logfile |
No | - Current Time - Date |
Other
| Goal | Task | Reasoning | Implemented? | Notes |
|---|---|---|---|---|
| Erasure Environment | Setup Alpine Linux Environment with SquashFS/No Persistence | Lightweight Linux Distro that can be loaded into RAM and be edited. Avoids wiping USB but also can be used on any machine and customized. |
Yes | |
| Scripted Erase Tool | Write a script to guide the erase process | Allows for ease of use, and ensures consistent workflow Can also tie in user auth, logging, etc |
Yes | Done via bash scripting in erase_drive.sh |
| User Authentication | Implement user authentication | For Auditing, Logging, connection to network shares, etc. | No | Probably kerb auth via krb5 |
| Logging | Implement logging | For auditing purposes | No | Record user, drive serial, grab user list (if windows/unix drive), grab hostname, record script inputs |
| Ticket Notes | Add ticket note through script | To keep keyword searchable records associated with a ticket | No | Send email to Otobo with small details such as level, hostname, serial, etc Might involve policy changes for when a ticket should be created. |