Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
BCWIPE(1)							     BCWIPE(1)

       bcwipe -	securely erase data from magnetic and solid-state memory
       (c) 2002-2008 Jetico, Inc.

       bcwipe [-VvsbBdrifhSF] [-m mode]	[ -n sec ] FILE...

       bcwipe  Repeatedly  overwrites  special patterns	to the files to	be de-
       stroyed.	 In normal mode, 35 passes are used (of	which 8	 are  random).
       Patterns	used were recommended in article by Peter Gutmann
       entitled	 "Secure  Deletion of Data from	 Magnetic and Solid-State Mem-
       ory".  In quick mode, U.S. DoD(Department of Defence)  5220.22-M	 stan-
       dard  are  used	with  7	pass wiping. In	custom mode U.S. DoD 5220.22-M
       standard	are used with user defined number of passes.

       -mb  German BCI/VSITR  7-pass wiping.

       -md  U.S. DoD 5220.22M 7-pass extended character	rotation  wiping  with
	    last pass verification.

       -me  U.S. DoE 3-pass wiping.

       -mf <filename>
	    Read wiping	scheme from file.

       -mg  35-pass Peter Gutmann's wiping.

       -ms  7-pass Bruce Schneier's wiping.

       -mt  1-pass  test  mode.	  First	 4 bytes of every 512 bytes block will
	    contain block number.

       -mz  1-pass wiping by zeroes.

       -m <mode> (custom wipe)
	    U.S. DoD 5220.22-M n pass extended character rotation wiping  with
	    last pass verification.

       -n <delay>
	    Wait  delay	seconds	between	wiping passes. Modern enterprise level
	    storage systems (NAS, disk arrays etc.)  employ  powerful  caches.
	    To	avoid undesirable caching effects BCWipe allows	user to	insert
	    adjustable delay between wiping passes. Please note	that when wip-
	    ing	 with  delay between passes disk space is freed	after the last

       -w (wiping only)
	    BCWipe version 1.7 (and later) verifies last  pass	wiping	result
	    according to U.S. DoD 5200.28 standard for all wiping modes	above.
	    Use	the option to disable the last pass verification.

       -d (do not delete)
	    Do not delete file(s) after	wiping.

       -b (block device)
	    Wipe contents of block devices

       -B   Disable direct IO mode when	wiping block devices

       -t <threads>
	    Wipe and verify block devices in  multi-thread  mode.  BCWipe  run
	    threads worker threads. Useful for wiping multiple disk volumes.

       -S (wipe	file slack)
	    Wipe  files	 slack.	File slack is the disk space from the end of a
	    file till the end of the last cluster used by that	file.  Cluster
	    is minimal portion of disk space used by file system.

       -F (wipe	free space)
	    Wipe free space on specified filesystem.

       -s   Use	ISAAC random number genertor by	Bob Jenkins	 Default  is  SHA-1 (Secure Hash Algo-
	    rithm). ISAAC is random faster than	SHA-1.

       -p   Use	64Kb random pattern for	random passes instead of full  random.
	    Much faster	(especially on slow CPU) but less secure!  (not	recom-

       -f (force)
	    Force wipe files with no write permissions.	 Also suppress	inter-
	    active mode.

       -r (recurse into	subdirectories)
	    Remove with	wiping the contents of directories recursively.

       -i (interactive)
	    Prompt whether to wipe each	file.

       -I (disable interactive)
	    Never prompt whether to wipe each file.

       -v (verbose)
	    Explain what is being done.

       -l [logfile]
	    Log	actions	to file. Log to	console	if filename is omitted

       -h (help)
	    Display help and exit.

       -V (version)
	    Display version and	exit.

Wiping scheme file format
       A  file	specified  in  -mf  option  is a text file with	wiping scheme.
       Scheme passes must be described in following format:

       number. {random|complementary|[hex[,hex[,hex[,hex]]]] [,	verify]}

       random -	random pass
       complementary - a pass complementary to previous	one
       hex[,hex[,hex[,hex]]] - wiping pattern, up to four two-digit  hexadeci-
       mal numbers
       verify -	verify wiping pass

       bcwipe  -rvf ~/sources #	forced wipe of ~/sources directory recursively
       with Peter Gutmann's scheme

       bcwipe -bvmd /dev/hda # wipe entire /dev/hda disk with 7-pass DoD stan-

       bcwipe  -r * # recursive	wipe of	current	directory with Peter Gutmann's

       bcwipe -mfmy_scheme -lwipe.log -b /dev/fd0 # wipe /dev/fd0 floppy  with
       scheme from my_scheme file; write log to	wipe.log file

       Contents	of my_scheme file from previous	example:
       1. random, verify
       2. complementary
       3. AA, A5, 55, verify

       Original	version: Jetico, Inc. <>


Unix				Mon Feb	4 2008			     BCWIPE(1)


Want to link to this manual page? Use this URL:

home | help