Tag Archives: forensic

Debian GNU/Linux 9 “Stretch” to Ship with a Bunch of Digital Forensics Tools by https://is.gd/N7DBub


Debian developer Michael ‘mika’ Prokop announced today that he’s team over at Debian Forensics will include and maintain a bunch of digital forensics tools, along with their dependencies, in the upcoming Debian GNU/Linux 9 “Stretch” release.

from https://is.gd/N7DBub

Selected by Galigio via Computer Borders

How to permanently remove files in Ubuntu/linux and make them unrecoverable by NickMcDTV


How to shred (permanently delete) files from your Hard Disks on Ubuntu Linux

In our last post we examined the possibility to recover deleted data from USB keys and disks. Today we want to focus your attention on the proper way to destroy sensitive data from your disks.

On Ubuntu you have the possibility to move any file to the Trash but, as we demonstrate in our last post, anyone has the possibility to recover them using a simple, basic GUI, program called PhotoRec.

If you want to be reasonably sure that none will be able to recover a file you decided to permanently delete you have to use the Shred command. Shred is native in Ubuntu Kernel and literally delete your files overwriting them repeatedly with arbitrary data. After you delete a file with Shred you can be sufficiently sure that recovering procedures will not succeed.

As usual we must warn you that technology is rapidly evolving and what could be considered sure today, tomorrow will be out of date! So, if you think you need to preserve your privacy in the best way, don’t forget to change the hard disks regularly and mechanically destroy your old ones. Sincerely we hope our readers haven’t this kind of need.

To start using Shred on Ubuntu you have to open a Terminal and type:

sudo shred –help

In this way you will visualize the grammar and all the possible options offered by this program.

The correct grammar to use Shred is:


or, if you want to shred a entire partition:

shred [OPTIONS] /dev/[HDA9]

The possible options are:

  -f, –force    change permissions to allow writing if necessary
-n, –iterations=N  overwrite N times instead of the default (3)
–random-source=FILE  get random bytes from FILE
-s, –size=N   shred this many bytes (suffixes like K, M, G accepted)
-u, –remove   truncate and remove file after overwriting
-v, –verbose  show progress
-x, –exact    do not round file sizes up to the next full block;
this is the default for non-regular files
-z, –zero     add a final overwrite with zeros to hide shredding
–help     display this help and exit
–version  output version information and exit

In our experience, to operate in the fastest way, we decided to add Shred on the Nautilus Menu and have the command ready with a simple right click on the mouse.

For this reason you have to open a Terminal and type:

sudo apt-get install nautilus-actions

Then you launch the program following this path: System->Preference->Nautilus Actions Configuration.

Last, you have to configure Shred filling e.g. the following parameters:

Label: Shred
Tooltip: Shred utility to securely erase files
Icon: gtk-dialog-warning
Path: shred
Parameters: -f -u -v -z %M
Filenames: *
Mimetypes: */*
Appears if selection contains: Both
Be sure to check the box “Appears if selection has multiple files or folders“

To finish your configuration, do not forget to open again a Terminal and type:

nautilus -q