# DECSEraser

## Connection
|Storage Type|Connection Type|Method|Implemented?|Notes|
|-|-|-|-|-|
|Hard Drive (SATA)|SATA|5.25" 4x Bay 3.5" Enclosure > 4x SATA SAS Card > PCIe Slot A|Yes||
|Solid State Drive (SATA)|SATA|5.25" 4x Bay 2.5" Enclosure > 4x SATA SAS Card > PCIe Slot A|Yes||
|Solid State Drive (NVMe)|PCIe/M.2|5.25" 4x Bay NVMe Enclosure > MiniSAS to M.2 > M.2 Slot A|No| Not showing up in BIOS|

## Erasing
|Storage Type|Erase Type|Method|Implementation|Implemented?|
|-|-|-|-|-|
|Hard Drive (SATA)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- 3 Pass Write <br/> - 7 Pass Write|- sgdisk<br/>- nwipe<br/>- nwipe|Yes<br/>Yes<br/>Yes|
|Solid State Drive (SATA)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- Secure Erase <br/> - 7 Pass Write|- sgdisk<br/>- hdparm<br/>- nwipe|Yes<br/>Yes<br/>Yes|
|Solid State Drive (NVMe)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- Secure Erase <br/> - 7 Pass Write|- sgdisk<br/>- nvme_cli<br/>- nwipe|Yes<br/>Yes<br/>Yes|

## Logging
|Info|Location|Log To:|Implemented?|Data|Notes|
|-|-|-|-|-|-|
|User|Script Input|Ticket<br>Logfile|No|Username<br>|Propably can implement as part of the kerb auth|
|Wipe Details|Script Input|Ticket<br>Logfile|No|Erase Level<br>Device Type<br>Device||
|Script Output|Terminal Output|Logfile|No|All script output|Via transcribing or output redirection|
|Machine Data|Registry|Ticket<br>Logfile|No|Machine Name<br>Domain|HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ComputerName<br>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters|
|Local Users|Registry<br>Filesystem|Logfile|No|Local Users List|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList<br>c:/Users|
|Domain Users|Registry<br>Filesystem|Ticket<br>Logfile|No|Domain User List|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList<br>c:/Users|
|Last Logged On User|Registry|Ticket<br>Logfile|No|Username|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI|
|Storage Info|Other|Ticket<br>Logfile|No|Serial Number<br>SMART Data|smartctl|
|System Info|Registry|Logfile|No|Manufacturer<br>Model|HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS<br>Can't actually be done offline|
|Misc|Misc|Ticket<br>Logfile|No|Current Time/Date||



## Other
|Goal|Task|Reasoning|Implemented?|Notes|
|-|-|-|-|-|
Erasure Environment|Setup Alpine Linux Environment with SquashFS/No Persistence|Lightweight Linux Distro that can be loaded into RAM and be edited.<br>Avoids wiping USB but also can be used on any machine and customized.|Yes||
|Scripted Erase Tool|Write a script to guide the erase process|Allows for ease of use, and ensures consistent workflow<br>Can also tie in user auth, logging, etc|Yes|Done via bash scripting in erase_drive.sh|
|User Authentication|Implement user authentication|For Auditing, Logging, connection to network shares, etc.|No|Probably kerb auth via krb5
|Logging|Implement logging|For auditing purposes|No|Record user, drive serial, grab user list (if windows/unix drive), grab hostname, record script inputs|
|Ticket Notes|Add ticket note through script|To keep keyword searchable records associated with a ticket|No|Send email to Otobo with small details such as level, hostname, serial, etc<br>Might involve policy changes for when a ticket should be created.|