× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



FWIW, for nefarious activities I would think it'd be much easier to get a job 
as say a customer rep for a company. Then download the data to a jump drive via 
ODBC than the cost and time it would take trying to data mine iSeries disks 
(given Single Level Storage and all) that had the disks initialized and removed 
from the system.  

It's just an observation on my part. 

Ken H.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Larry Bolhuis
Sent: Tuesday, January 16, 2007 8:11 PM
To: Midrange Systems Technical Discussion
Subject: Re: Erasing DASD-decommission an AS400/iSeries/System i


OK As 'the list' has pointed out, simply deleting the system will not 
erase the data well enough to qualify for DOD specs. However let's do a 
little thinking.

1) i5/OS blows data all over the disks. Because of this you would need 
to 'un-erase' all disks if you want to be sure you're getting all the 
data back.
2) If you have any number of disks this is gonna be REAL expensive.
3) Assuming tha you un-erased all disks 100% perfectly. (not so likely) 
you have to put them in a qualifying machine and do some password 
hacking to get in.

So, you've spent one large amount of time and money getting into the 
machine.

Let's make it harder. Before you are ready to delete hte machine do this:

1) Write a small program that will write a 1024 byte record of all 
binary 1's (FF) or 0's (00)
2) Create a file to match with *NOMAX. No access Path just one 
*REALLYBIG file.
3) Erase all yer stuff. All yer libraries, devices, user profiles and 
all LPPs you don't want.
4) Copy your program into QSYS.
5) Clear all copies of QHST.
6) Delete any PTF Save Files etc especially for PTFs.
7) Empty all remaining print queues and RCLSPLSTG *NONE
8) In restricted condition call your program telling it to write 00s 
until the disk is full.
9) Call your program to UPDATE all records to FFs
10) Call your program to UPDATE all records to 00s
11) Call your program to UPDATE all records to FFs
12) Call your program to UPDATE all records to 00s
13) Call your program to UPDATE all records to FFs
Lather, Rinse, Repeat until you are happy.

Here's the logic.

I) The stuff still on the machine is now i5/OS and it's bits.
2) Your stuff, your profiles, your data is gone and as such the space it 
occupied is now available.
3) You write 00s over all available space thus writing over your data.
4) You write FFs over all available space thus writing over your data 
(again) with different data.
5) Lather Rinse Repeat.

If you deleted the O/S and reloaded it and THEN ran this program you 
wouldn't be writing over all your stuff since the O/S goes all over the 
disks maybe in places your stuff was therefore blocking the program from 
writing 00s and then FFs on those disks.

A DOD erase involves multiple passes of 00s and FFs etc.

Specifically you have not done this to the entire system but you have 
done it to your data. Write it enough times and your data is good and gone.

Will this take some time? Yah sure but it's doing all disks at once 
rather than one single disk at a time.

I dunno if auditors would find this 'good enough' but methinks that data 
is good and gone while the disks are still useful.

 - Larry

Jerry Draper wrote:
This IBM document says to IPL off of a SavSys21 tape to initialize DASD
on an AS400 prior to decommissioning a system.

I am familiar with DOD specs of writing random strings of data in 7-9
passes to disks to really "delete" the data.  Alternately there are
system (PC based of course) that write strings of zeros to data areas.

Anyone know if just initializing the disks and adding them to an ASP
will be sufficient?

Jerry

  


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.