NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Fastest way to FUBAR a raid 5 array?
Hi guys,
I have a ReadyNas Pro 4 with 4 2TB disks in a raid 5 array.
I have a hard time to find out if it is possible to use some kind of file encryption on it the way I would like it to work. When the NAS boots (reboots) the whole file system is encrypted AES-256bit and you need to manually unlock it supplying a secret, if you pull the disks and put them in another NAS the file system should still be encrypted.
That would be the best option (in case of a false alarm) if its possible to do, another one is if there is a way to quickly destroy the raid array and make the data on the disks unrestorable. I am talking completely FUBAR. Electricity comes to mind :).
This is somewhat an ambitious project, I am planning of doing something with my home alarm system to trigger the NAS to either power off if the encryption method would work, or to initiate project FUBAR. I have sensitive client information stored on the NAS (backed up offsite off course) that in case of a break in needs to be completely wiped. Is it possible to do with software or do I need to disassemble my heart starter machine? :)
I have a ReadyNas Pro 4 with 4 2TB disks in a raid 5 array.
I have a hard time to find out if it is possible to use some kind of file encryption on it the way I would like it to work. When the NAS boots (reboots) the whole file system is encrypted AES-256bit and you need to manually unlock it supplying a secret, if you pull the disks and put them in another NAS the file system should still be encrypted.
That would be the best option (in case of a false alarm) if its possible to do, another one is if there is a way to quickly destroy the raid array and make the data on the disks unrestorable. I am talking completely FUBAR. Electricity comes to mind :).
This is somewhat an ambitious project, I am planning of doing something with my home alarm system to trigger the NAS to either power off if the encryption method would work, or to initiate project FUBAR. I have sensitive client information stored on the NAS (backed up offsite off course) that in case of a break in needs to be completely wiped. Is it possible to do with software or do I need to disassemble my heart starter machine? :)
10 Replies
Replies have been turned off for this discussion
- The traditional method is thermite.
- I'd look into TrueCrypt, and also encrypted iSCSI (rather than encrypting the raid volume itself).
- Thanks for the replies (reply :) ) I am not to familiar with the technique, can you elaborate what you mean by encrypted iSCSI? Thanks
- iSCSI is described here: https://en.wikipedia.org/wiki/ISCSI It is a way to create a virtual disk drive on the Pro.
It is possible to encrypt that virtual drive, as described here: http://wiki.netbsd.org/tutorials/how_to ... i_devices/ I am not sure whether this approach can be adapted to the NAS (iSCSI is not a protocol I use myself). But I think it is worth investigating, and almost certainly easier than attempting to directly encrypt the NAS file system.
TrueCrypt certainly has been done on the Pro, there is a thread here: viewtopic.php?f=7&t=48384
While looking at this, I noticed an old thread on EncFS here: viewtopic.php?f=20&t=31766#p174359 - Thanks a bunch for all the suggestions and references! I'll dig in
- Just out of curiosity, what would a 200lb electromagnet do to a hard drive? Anyone knows?
- If the magnetic field is strong enough it will degauss the drive - erasing the data, but also the servo tracks. This would make the drive unusable. It might also physically damage the motor (particularly if you are using AC power, so the magnetic field is alternating also).
http://www.packetsniffers.org/bitbucket/degaussing.html is an old article, but doesn't identify the strength of the magnet that was used. Higher density drives need higher field strengths to bulk erase them.
If you simply want to remove the data, all new drives have a secure erase command. You need to be connected with SATA to use it (not through a USB adapter). Seatools can run this command, as can hdparm. It does take a while to execute, and of course can only be done if the drive is basically working. - Interesting reading, this project got me more intrigued then I originally thought
*Edit: Was also thinking if it would be more secure and simple to just put the most sensitive information on a SSD (for the speed) and secure-delete it following by a endless loop of filling it up and deleting or using the secure erase command if I can hook it up via SATA. Then I think it would be secure enough for anyone not to bother - Use the secure erase ATA command with SSDs. That is certainly enough, and you can safely assume that the drive manufacturer knows how to erase the drive better than you do. That's particularly important with SSDs; you don't want to make assumptions about the details of the algorithms which limit writes to the same physical sector.
- The standard way of doing it with iSCSI is just mounting it in your computer, letting TC encrypt the partition that iSCSI exposes. This has several advantages:
1) The computer has to be on and logged in to access data -- there is no easy way of accessing that data using only the NAS. Turning off/locking the computer leaves the data completely encrypted (except in computer RAM and caches), which is not the case with "USB keys in the NAS" et cetera. This means you can leave the house with everything running while still being pretty darned secure.
2) Encrypted and non-encrypted files can co-exist on the same volume (the iSCSI "device" is just a big file on the NAS file system).
3) You can use all TrueCrypts standard features, such as hidden volumes.
4) You can move the iSCSI container file from disk, mount it as a volume on another system, and access it with TrueCrypt even if the NAS breaks.
5) If you trust Intel and NIST, you can use AES as encryption, and get no performance hit from encryption/decryption due to the new AES accelerating instructions in newer Intel processors.
6) Data is encrypted all the way into your computer, sniffing the data stream is meaningless.
There are also disadvantages:
1) This method is rubbish on OS6, performance is super bad. (Edit: not since 6.1.9 RC5 if you disable "sync writes" on the LUN)
2) iSCSI performance is worse than CIFS, but dunno if worse than NAS-encrypted file systems (as that taxes the puny NAS cpus)
3) The computer has to be on and logged in to access data -- there is no easy way of accessing that data using only the NAS. Yes, this was also a pro. ;-) But you can NOT in any safe way use NAS-hosted bittorrent or the like to access the iSCSI container.
Regarding data wiping, removing the partitions (or better, writing dummy ones) will stop all normal adversaries. If you envision forced entry by determined and competent people, like government agencies and the like, zeroing the drives will stop that too but you won't have time for that.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
