Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

Dedicated servers and secure deletion

Today I got my new dedicated server from a company offering "cheap hosting" (20€ per month for a dedicated server) - very popular in France.
During the install I accidentally deleted a file, so I fired up photorec to recover it...
... more than 120 000 files recovered : gz, png, txt, pdf, word docs, etc

Morale de l'histoire :
- when your contracts finishes reboot in rescue mode and wipe your disk, you'll avoid exposing all your backups to the next customer.
- encrypt all sensible information. For backups the best is to encrypt locally and then send it. Of course it is not always possible, ex reserved source code which was tested on the server.
- when you get a new server, first thing to do is to reboot in rescue mode and wipe all the disk. you'll avoid having to explain why certain kind of forbidden material is present on your disk.

By the way, why don't they wipe their disk after the end of the contract? All their infrastructure is fully automated, from partitioning to OS install.
Reposted byraistlin raistlin

Don't be the product, buy the product!