Kill My Traces

Discussion in 'Software' started by Mr.Cheeks, Dec 18, 2006.

  1. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Not exactly...

    There are still forensic recovery tools out there that will allow the data to be recovered, but for your case its probably overkill to suggest that the IT department would bother with this - unless they REALLY suspected you'd been up to no good...

    Doing what you suggested will render the data unrecoverable by most utilities. Out of interest, which one are you using?
     
    Certifications: A few
    WIP: None - f*** 'em
  2. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    So what would you advise Mr. Security Expert
     
  3. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    There's two ways to remove data securely from a disk. One of them involves wiping the disk completely using a utility such as Killdisk - it does up to seven-pass wipe, which makes it as near as dammit impossible to retrieve anything from the disk at all.

    The second involves either industrial machinery, great heights or large magnets...
     
    Certifications: A few
    WIP: None - f*** 'em
  4. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    Zeb - thats the prob - i dont want to "kill the disc", only the free area where data can be retrieved - i still need everything intact (OS, Apps, work's crap)
     
  5. slyuen

    slyuen Byte Poster

    112
    3
    34
    Brother, I'm not being cheeky but why don't you take the hard drive home with you (or swap another one in), if you're that worried.....

    DBAN.....MaxBlast......low-level format...etc.....
    all comes straight up in my mind when trying to destroy the data with zeros......(hey, you can do this bit on another old PC, and get yourself a new HDD and reinstall the OS..) there should be plenty of spares in your department......

    Bear in mind that if they want to catch you, they will catch you.

    Think of DNS cache, firewall logs, access logs, auditing...etc...
    The question is, will they spend this time doing this on you? or do they simply want to spend more time training up another tech to work independently sooner...


    Also, what if, just what if, they found stuffs, what're they gonna do about it? I doubt they would even be surprised, there must be tens of thousands of techs out there who has the same kinds of stuffs installed on their PCs, so what? no big deal mate...

    So I think you should relax now. There is absolutely no reason at all in this world to worry, at the very least, you're not working for MI5 or NSA, nobody will be interested in those stuffs.
     
    Certifications: ECDL,A+,Network+,CST,CNST,MCDST,MCSA
    WIP: MCSE, CIW, CCNA, CWNA, Others...
  6. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Question: If Cheeks were to image the drive using Ghost or DriveImageXML for example, use Killdisk on the hard drive and then restore the image, would that work? Do the image programs only bother with existing files or do they take a sector by sector copy?

    Thinking about it, I believe DriveImageXML has both options and it's free.
     
    Certifications: A+, Network+
    WIP: 70-270
  7. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    i was thinking about that this morning, but i totally forgot what i was thinking about. ...too much thinking hurts my brain.
     
  8. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    There is always the built in Cipher /W command in XP..

    http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  9. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Can you not use the system restore feature as well to roll back the laptop to a point in time before you installed the software? 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  10. nugget
    Honorary Member

    nugget Junior toady

    7,796
    71
    224
    If the only stuff you had on ther was a couple of programs that you 'shouldn't' have installed, then it's probably enough to uninstall them, delete all the leftover folders, search the registry with keywords and delete the keys.

    However if you have "other" stuff, then it migh be okay doing the defrag/fill game you mentioned.

    Just make sure that it works when you give it back and they'll have no reason to do a bit by bit search of the hdd.
     
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685
  11. NetEyeBall

    NetEyeBall Kilobyte Poster

    279
    10
    45
    Dude...just load up some porno and kaza and bonzi buddy. The techs will be so interested about the porno and bonzi buddy that they won't even notice the hacking software! :D
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  12. supag33k

    supag33k Kilobyte Poster

    461
    19
    49
    Load a copy of Linux over it :twisted:

    :blink

    Say that you got carried away with the latest linx free CD

    ...make sure that it formats the whole disk with Reiser or ext 3 file system....

    Buddy if you are leaving as long as the Pc comes back physically in one piece and boots.....!

    :blink :biggrin :twisted: :rolleyes:
     
    Certifications: MCSE (NT4/2000/2003/Messaging), MCDBA
    WIP: CCNA, MCTS SQL, Exchange & Security stuff

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.