meyerast/DECSEraser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
DECSEraser/README.md

41 lines
3.4 KiB
Markdown
Raw Permalink Blame History

# DECSEraser
## Connection
|Storage Type|Connection Type|Method|Implemented?|Notes|
|-|-|-|-|-|
|Hard Drive (SATA)|SATA|5.25" 4x Bay 3.5" Enclosure > 4x SATA SAS Card > PCIe Slot A|Yes||
|Solid State Drive (SATA)|SATA|5.25" 4x Bay 2.5" Enclosure > 4x SATA SAS Card > PCIe Slot A|Yes||
|Solid State Drive (NVMe)|PCIe/M.2|5.25" 4x Bay NVMe Enclosure > MiniSAS to M.2 > M.2 Slot A|No| Not showing up in BIOS|
## Erasing
|Storage Type|Erase Type|Method|Implementation|Implemented?|
|-|-|-|-|-|
|Hard Drive (SATA)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- 3 Pass Write <br/> - 7 Pass Write|- sgdisk<br/>- nwipe<br/>- nwipe|Yes<br/>Yes<br/>Yes|
|Solid State Drive (SATA)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- Secure Erase <br/> - 7 Pass Write|- sgdisk<br/>- hdparm<br/>- nwipe|Yes<br/>Yes<br/>Yes|
|Solid State Drive (NVMe)|- Baseline<br/>- Secure Erase<br/>- Decommission|- Clear Partitions<br/>- Secure Erase <br/> - 7 Pass Write|- sgdisk<br/>- nvme_cli<br/>- nwipe|Yes<br/>Yes<br/>Yes|
## Logging
|Info|Location|Log To:|Implemented?|Data|Notes|
|-|-|-|-|-|-|
|User|- Script Input|- Ticket<br>- Logfile|No|- Username|Probably can implement as part of the kerb auth|
|Wipe Details|- Script Input|- Ticket<br>- Logfile|No|- Erase Level<br>- Device Type<br>- Device||
|Script Output|- Terminal Output|- Logfile|No|- All script output|Via transcribing or output redirection|
|Machine Data|- Registry|- Ticket<br>- Logfile|No|- Machine Name<br>- Domain|HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ComputerName<br><br>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters|
|Local Users|- Registry<br>- Filesystem|- Logfile|No|- Local User List|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList<br><br>c:/Users|
|Domain Users|- Registry<br>- Filesystem|- Ticket<br>- Logfile|No|- Domain User List|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList<br><br>c:/Users|
|Last Logged On User|- Registry|- Ticket<br>- Logfile|No|- Username|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI|
|Storage Info|- Other|- Ticket<br>- Logfile|No|- Serial Number<br>- SMART Data|smartctl|
|System Info|- Registry|- Logfile|No|- Manufacturer<br>- Model|HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS<br>Can't actually be done offline|
|Misc|- Misc|- Ticket<br>- Logfile|No|- Current Time<br>- Date||
## Other
|Goal|Task|Reasoning|Implemented?|Notes|
|-|-|-|-|-|
Erasure Environment|Setup Alpine Linux Environment with SquashFS/No Persistence|Lightweight Linux Distro that can be loaded into RAM and be edited.<br>Avoids wiping USB but also can be used on any machine and customized.|Yes||
|Scripted Erase Tool|Write a script to guide the erase process|Allows for ease of use, and ensures consistent workflow<br>Can also tie in user auth, logging, etc|Yes|Done via bash scripting in erase_drive.sh|
|User Authentication|Implement user authentication|For Auditing, Logging, connection to network shares, etc.|No|Probably kerb auth via krb5
|Logging|Implement logging|For auditing purposes|No|Record user, drive serial, grab user list (if windows/unix drive), grab hostname, record script inputs|
|Ticket Notes|Add ticket note through script|To keep keyword searchable records associated with a ticket|No|Send email to Otobo with small details such as level, hostname, serial, etc<br>Might involve policy changes for when a ticket should be created.|
Reference in New Issue View Git Blame Copy Permalink