Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SFILL(1)		    General Commands Manual		      SFILL(1)

NAME
       sfill  -	 secure	free disk and inode space wiper	(secure_deletion tool-
       kit)

SYNOPSIS
       sfill [-f] [-i] [-I] [-l] [-l] [-v] [-z]	directory/mountpoint

DESCRIPTION
       sfill is	designed to delete data	which lies on available	 diskspace  on
       mediums	in  a  secure manner which can not be recovered	by thiefs, law
       enforcement or other threats.  The wipe algorythm is based on the paper
       "Secure	Deletion  of  Data  from Magnetic and Solid-State Memory" pre-
       sented at the 6th Usenix	Security Symposium by Peter  Gutmann,  one  of
       the leading civilian cryptographers.

       The secure data deletion	process	of sfill goes like this:

       *      1	pass with 0xff

       *      5	random passes. /dev/urandom is used for	a secure RNG if	avail-
	      able.

       *      27 passes	with special values defined by Peter Gutmann.

       *      5	random passes. /dev/urandom is used for	a secure RNG if	avail-
	      able.

       afterwards  as  many  temporary files as	possible are generated to wipe
       the free	inode space. After no more temporary  files  can  be  created,
       they are	removed	and sfill is finnished.

COMMANDLINE OPTIONS
       -f     fast (and	insecure mode):	no /dev/urandom, no synchronize	mode.

       -i     wipe only	free inode space, not free disk	space

       -I     wipe only	free disk space, not free inode	space

       -l     lessens the security. Only two passes are	written: one mode with
	      0xff and a final mode with random	values.

       -l     -l for a second time lessons the security	even  more:  only  one
	      random pass is written.

       -v     verbose mode

       -z     wipes the	last write with	zeros instead of random	data

       directory/mountpoint  this  is the location of the file created in your
       filesystem. It should lie on the	partition you want to write.

LIMITATIONS
       FILESYSTEM INTELLIGENCE
	      Most filesystems (ext2, ffs, etc.)  have	several	 features  in-
	      cluded  to  enhance performance, which will result in that sfill
	      might not	receive	all available free space. Sad but true.	 Noth-
	      ing can be done about that ...

       NFS    Beware of	NFS. You can't ensure you really completely wiped your
	      data from	the remote disks. (especially because of caching)

       Raid   Raid Systems use stripped	disks and have got large caches.  It's
	      hard to wipe them.

       swap   Some of your data	might have a copy in your swapspace.  sswap is
	      available	for this task.

BUGS
       No bugs.	There was never	a bug in the secure_deletion package (in  con-
       trast to	my other tools,	whew, good luck	;-) Send me any	that you find.
       Patches are nice	too :)

AUTHOR
       van Hauser / THC	_vh@thc.org_

DISTRIBUTION
       The newest version of the secure_deletion package can be	obtained  from
       http://www.thc.org

       sfill  and the secure_deletion package is (C) 1997-2003 by van Hauser /
       THC (vh@thc.org)

       This program is free software; you can redistribute it and/or modify it
       under  the  terms of the	GNU General Public License as published	by the
       Free Software Foundation; Version 2.

       This program is distributed in the hope that it	will  be  useful,  but
       WITHOUT	ANY  WARRANTY;	without	 even  the  implied  warranty  of MER-
       CHANTABILITY or FITNESS FOR A PARTICULAR	PURPOSE. See the  GNU  General
       Public License for more details.

SEE ALSO
       srm (1),	sswap (1), smem	(1)

								      SFILL(1)

NAME | SYNOPSIS | DESCRIPTION | COMMANDLINE OPTIONS | LIMITATIONS | BUGS | AUTHOR | DISTRIBUTION | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=sfill&sektion=1&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help