I’ve bee questioned several times how to erase a harddisk and make it impossible to restore the data. The answer is: melt it down. So lets see what we can do to make it as hard as possible to restore the data. Ihe first way is simply deleting the files, and this is a bad way, because the data stays on the disk, only the entries to the filesystem (inodes, whatever) are removed.A better way is to overwrite the entire disk, for example with dd. But even then it is possible to restore the the content, because there are minimal magnetic effects that can be used for a analysis. So it’s better to overwrite the stuff several times, a job that does not make fun executed by hand. The little utility wipe can help, and has one big advantage: it can also ’secure’ erase several files, but not the whole disk, by overwriting these files several times. But the security on a journalling filesystem remains questionalble.
So if indeed the whole disk should be erased, I prefer dban. This comes as a little Linux, running from CD (or even floppy) with the only purpose to send data on hard disks to hell. It does this by using well known industrial standards like DOD 5220.22-M or the Gutmann method. This may take some time, but it’s safe, easy, and can be used nearly without any knowledge of computers. And i reccomend to use it, everytime you sell or give away a hard disk. And at least, for me it’s a good reason to have a ‘red disk’ again

Bookmark to:

Tools, Adventskalender | 2 Kommentare »

Once in a whileUsually, if you are registering at some kind of web service, you’re questioned for a email address to receive some kind of activation code. What happens with your mail address thereafter us mostly unknown. To prevent it from being abused by spammers, it might be a good idea to use temporary mail addresses.
10minutemail offers these in a very simple way. Once you enter the site, you get access to a email box and are able to receive messages for 10 minutes. But be aware, theres no form of encryption or authentication, so its possible for a 3^rd party to read these mails, too. Therefore you should avoid using this for sensitive data, but for evaluating different services without giving away your personal address this works fine.

Bookmark to:

Tools, Adventskalender | 2 Kommentare »

Today i found a quite cool extension for the firefox Browser: Tamper Data. This nice tool enables the user to view and change every HTTP Request, before it is send to the server. So it’s possible to spoof nearly every kind of header information.

Who’s willing to try can do this here with the credentials admin:ngsec. The login works if the referrer is set to ‘http://www.ngsec.com’

Bookmark to:

Tools | 1 Kommentar »

Recently, I stumbled upon a small tool called TTCP. I’ts not feature rich at all, the only thing it does is sending TCP (or UDP) packets between two Computers, acting as client on one, and as a server on the other side. The amount of data can set to any specific value, as well as the ports of the established connection. That’s it. For the evaluation of load balancing or QoS this works great… I love that thing.

Bookmark to:

Tools | 3 Kommentare »