Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Alternative reformat method?


  • Please log in to reply
10 replies to this topic

#1 TexasMitch

TexasMitch

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2011 - 12:37 PM

Well.. I have a laptop that got infected to the point where I couldn't restore Windows. I have been using linux on the computer for a while now and have been thinking..

Is it even safe to use the infected laptop with linux? (Windows won't even open on that laptop, error messages)

My real question leads me to:
If I run DBAN(Darik's Boot and Nuke) to wipe the hard drive; and then install unbutu- would that be a good idea? I'm just concerned about the security of the laptop. If I use DBAN that should erase EVERYTHING including any malware and infections, right?

Any help will be greatly appreciated!!

Regards,
Mitchell

Edited by TexasMitch, 13 September 2011 - 12:54 PM.


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 01:58 PM

I have been using linux on the computer for a while now and have been thinking..

Is it even safe to use the infected laptop with linux? (Windows won't even open on that laptop, error messages)


Do you mean you are running Linux from a Live CD, or did you install Linux on that PC (e.g. installed Linux on the hard disk)?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2011 - 02:05 PM

Do you mean you are running Linux from a Live CD, or did you install Linux on that PC (e.g. installed Linux on the hard disk)?

I installed Linux on to the laptop.


I went ahead and tried to run DBAN but with no success. It couldn't recognize my drive. I did a little searching and found: "The second most common problem with DBAN is bad hardware. If your computer normally crashes, then it will likely crash while running DBAN too. DBAN does not run on broken computers. "

So I guess my infected laptop is too much for DBAN. Is there any other way I can safely wipe the drive- so I can run ubuntu on a clean drive?

Regards,
Mitchell

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 02:28 PM

I installed Linux on to the laptop.


You run no risk, even if some Windows malware remains on the disk, it will not be able to infect a Linux install.

I've not installed Ubuntu recently, but I did recently install other distros like Red Hat and CentOS. When you install these over an existing OS, they ask if you want to erase the existing partitions and create new ones. And they use another filesystem on the partition: ext3 in stead of Windows' NTFS.

I guess that your Ubuntu install did the same. You erased the existing partitions, and reformatted them with another filesystem.
If there is malware surviving on your disk after this, it has to be malware that targets the Windows kernel. You are safe, because you don't have a Windows kernel anymore, you have a Linux kernel.
There is no malware in the wild that is cross-platform Windows/Linux kernel.

Edited by Didier Stevens, 13 September 2011 - 02:28 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2011 - 02:34 PM

Thank you for clearing that up for me. I appreciate it.

Just out of curiosity, is there any other alternative to safely erase/wipe my drive?

Regards,
Mitchell

edit:

I guess that your Ubuntu install did the same. You erased the existing partitions, and reformatted them with another filesystem.

Correct. And I just recently re-installed Ubuntu, and used the option to 'Erase existing paritions, and erase'; but I didn't that was a safe and thorough wipe.

Edited by TexasMitch, 13 September 2011 - 02:43 PM.


#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 02:53 PM

but I didn't that was a safe and thorough wipe.


In your case it is, because even if some Windows malware survives in an untouched location on your disk, it will not be able to infect your Ubuntu install.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 02:55 PM

Just out of curiosity, is there any other alternative to safely erase/wipe my drive?


Yes, there are several alternatives to DBAN. For example Disk Wipe. http://www.diskwipe.org/

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2011 - 02:58 PM

Great, thank you.

edit:::

View PostTexasMitch, on 13 September 2011 - 02:34 PM, said:
Just out of curiosity, is there any other alternative to safely erase/wipe my drive?


Yes, there are several alternatives to DBAN. For example Disk Wipe. http://www.diskwipe.org/

So is my laptop not wiped?? I thought you just said in my case it was a secure and thorough wipe? I apolgoize, I am a bit confused here.


Kindest Regards,
Mitchell

Edited by TexasMitch, 13 September 2011 - 02:59 PM.


#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 03:06 PM

So is my laptop not wiped?? I thought you just said in my case it was a secure and thorough wipe? I apolgoize, I am a bit confused here.


I'm confused too. Didn't you ask for an alternative to DBAN? I suggested Disk Wipe as an alternative. I did not imply you had to use Disk Wipe on your laptop, I merely said it was an alternative, like you asked for.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2011 - 03:25 PM

Sorry for any confusion. Thanks again.

#11 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2011 - 03:29 PM

Sorry for any confusion. Thanks again.


No problem, you're welcome.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users