Difference between pages "Eraser" and "Category:Anti-forensics tools"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
 
Line 1: Line 1:
{{Infobox_Software |
+
These tools can all be used to frustrate forensic analysis.
  name = eraser |
+
  maintainer = [[Heidi Computers]] |
+
  os = {{Windows}} |
+
  genre = {{Secure deletion}} |
+
  license = {{GPL}} |
+
  website = [http://heidi.ie/eraser/ heidi.ie/eraser] |
+
}}
+
  
Eraser is a Windows tool that allows you to securely remove files from your computers hard drive and securely wipe free space so as to remove the [[Residual Data | residual data]] of previously deleted files by overwriting with specially selected wiping paterns.
+
== See Also ==
 +
* [[Anti-forensic techniques]]
  
Eraser currently works with Windows 95, 98, ME, NT, 2000, XP, Windows 2003 Server and DOS and supports FAT and NTFS formatted IDE/SATA/SCSI hard drives. Support for Vista was introduced in 5.83beta.
+
[[Category:Tools]]
 
+
The software supports the scheduled wiping of files via its ''Scheduler'' console as well as on demand file wiping which can be done via an Explorer context menu or dragging files to the Eraser application.  It can attempt to wipe locked files (e.g. [[index.dat]] files) after the next reboot by forcing a wipe before Windows takes control again.
+
 
+
= Methodology =
+
Eraser overwrites the filename for each deleted file with zeros up to the maximum filename length.
+
 
+
Supported wiping patterns include
+
{|cellspacing="0" cellpadding="1" border="1" style="margin: 1em 1em 1em 0;background: #f9f9f9;border: 2px #333333 solid;" width=50%
+
! style="background:#efefef;border: 1px #333333 solid;" |Erase File
+
! style="background:#efefef;border: 1px #333333 solid;" |Erase Free Space
+
|-
+
|Gutmann
+
|Gutmann
+
|-
+
|US DoD 5220.22-M (8-306 /E, C and E)
+
|US DoD 5220.22-M (8-306 /E, C and E)
+
|-
+
|US DoD 5220.22-M (8-306 /E)
+
|US DoD 5220.22-M (8-306 /E)
+
|-
+
|Pseudorandom Data
+
|Pseudorandom Data
+
|-
+
|First and Last 2kb
+
| -
+
|-
+
|Schneier's 7 Pass
+
|Schneier's 7 Pass
+
|}
+
 
+
=Authors=
+
Eraser was originally developed by Sami Tolvanen and now maintained by Garrett Trant of Heidi Computers Ltd.
+
 
+
 
+
= External Links =
+
* [http://www.heidi.ie/eraser/ Official website]
+
* [http://bbs.heidi.ie/index.php Eraser Support Forums]
+
 
+
[[Category:Anti-forensics tools]]
+

Revision as of 13:30, 15 April 2007

These tools can all be used to frustrate forensic analysis.

See Also