× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I was thinking along these lines as well. Not hard to do. Could even cause it to die when the system gets to 95% DASD by monitoring the system. Surprised TAATOOLS doesn't have this one.

So Larry, is it done yet?

Jerry

Larry Bolhuis wrote:
OK As 'the list' has pointed out, simply deleting the system will not erase the data well enough to qualify for DOD specs. However let's do a little thinking.

1) i5/OS blows data all over the disks. Because of this you would need to 'un-erase' all disks if you want to be sure you're getting all the data back.
2) If you have any number of disks this is gonna be REAL expensive.
3) Assuming tha you un-erased all disks 100% perfectly. (not so likely) you have to put them in a qualifying machine and do some password hacking to get in.

So, you've spent one large amount of time and money getting into the machine.

Let's make it harder. Before you are ready to delete hte machine do this:

1) Write a small program that will write a 1024 byte record of all binary 1's (FF) or 0's (00) 2) Create a file to match with *NOMAX. No access Path just one *REALLYBIG file. 3) Erase all yer stuff. All yer libraries, devices, user profiles and all LPPs you don't want.
4) Copy your program into QSYS.
5) Clear all copies of QHST.
6) Delete any PTF Save Files etc especially for PTFs.
7) Empty all remaining print queues and RCLSPLSTG *NONE
8) In restricted condition call your program telling it to write 00s until the disk is full.
9) Call your program to UPDATE all records to FFs
10) Call your program to UPDATE all records to 00s
11) Call your program to UPDATE all records to FFs
12) Call your program to UPDATE all records to 00s
13) Call your program to UPDATE all records to FFs
Lather, Rinse, Repeat until you are happy.

Here's the logic.

I) The stuff still on the machine is now i5/OS and it's bits.
2) Your stuff, your profiles, your data is gone and as such the space it occupied is now available.
3) You write 00s over all available space thus writing over your data.
4) You write FFs over all available space thus writing over your data (again) with different data.
5) Lather Rinse Repeat.

If you deleted the O/S and reloaded it and THEN ran this program you wouldn't be writing over all your stuff since the O/S goes all over the disks maybe in places your stuff was therefore blocking the program from writing 00s and then FFs on those disks.

A DOD erase involves multiple passes of 00s and FFs etc.

Specifically you have not done this to the entire system but you have done it to your data. Write it enough times and your data is good and gone.

Will this take some time? Yah sure but it's doing all disks at once rather than one single disk at a time.

I dunno if auditors would find this 'good enough' but methinks that data is good and gone while the disks are still useful.

 - Larry

Jerry Draper wrote:
This IBM document says to IPL off of a SavSys21 tape to initialize DASD
on an AS400 prior to decommissioning a system.

I am familiar with DOD specs of writing random strings of data in 7-9
passes to disks to really "delete" the data.  Alternately there are
system (PC based of course) that write strings of zeros to data areas.

Anyone know if just initializing the disks and adding them to an ASP
will be sufficient?

Jerry





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.