Jumprit's Knowledge

Jumprit's knowledge and references to share.

EMC SAN Wipe Disk —

You need to have the cli installed.

***NOTE: There seems to be some confusion on the Vault Drives.  From what I glean, you will never be able to wipe these drives as they contain a RAID group.   Remove the RAID group and you will lose connectivity and NOT be able to run naviseccli.   If you know this to be inaccurate, please let me know, as I’d love to hear more.

Then you simply run:

naviseccli -h <IP Address> -User <Username> -Password <Password> -Scope 0 zerodisk -messner all start

This will wipe all disks.  You do need to have all disks unbound, so remove all RAID groups, LUNs, and storage pools first.

You can then run the command below to see the status.  This will give you the % complete.  In Unisphere you should see the drives change from unbound to bound.  Once complete, they will change back to unbound.  (YMMV, as this seems to be rather flaky.)

naviseccli -h <IP Address> -User <Username> -Password <Password> -Scope 0 zerodisk -messner all status

Finally, you can run the command below to get the zeromark.

naviseccli -h <IP Address> -User <Username> -Password <Password> -Scope 0 zerodisk -messner all getzeromark

If you see 69704, congratulations, you have zeroed that disk!

Switching gears, now you need to go into documentation mode.  To collect the serial numbers of the drives you wiped, you can run the command below:

naviseccli -h <IP Address> -User <Username> -Password <Password> getdisk all -serial

Document all serial numbers and when they were zeroed out.  (Don’t forget, we didn’t wipe the vault drives, so you can’t list those as being zeroed.)

You now have a fully wiped SAN, well, mostly wiped anyway.  Those pesky Vault drives can present a real issue.  Hopefully you have never stored live data on them, but if you have, you will want to wipe those drives as well.  If you have another SAN you use, you can pull the vault drives, insert them into the other SAN, and zeroize from there.  The only other solution I have is to pull them and wipe with a professional zeroing device.


EMC VNX and Clarion Wipe Disk —

They have a built in command that will do the job:

navicli -h <SP IP> zerodisk -messner B_E_D
B Bus
E Enclosure
D Disk

usage: zerodisk disk-names [start|stop|status|getzeromark]

sample: navicli -h 10.10.10.10 zerodisk -messner 1_1_12

This command will write all zeros to the disk, making any data recovery from the disk impossible.  Add this command to a Windows batch file for every disk in your array, and you’ve got a quick and easy way to zero out all the disks.

So, once the disks are zeroed out, how do you prove to the audit department that the work was done? I searched everywhere and could not find any documentation from EMC on this command, which is no big surprise since you need the engineering mode switch (-messner) to run it.  Here were my observations after running it:

This is the zeromark status on 1_0_4 before running navicli -h 10.10.10.10 zerodisk -messner 1_0_4 start:

Bus 1 Enclosure 0  Disk 4

Zero Mark: 9223372036854775807

This is the zeromark status on 1_0_4 after the zerodisk process is complete:

(I ran navicli -h 10.10.10.10 zerodisk -messner 1_0_4 getzeromark to get this status)

Bus 1 Enclosure 0  Disk 4

Zero Mark: 69704

The 69704 number indicates that the disk has been successfully scrubbed.  Prior to running the command, all disks will have an extremely long zero mark (18+ digits); after the zerodisk command completes, the disks will return either a 69704 or 69760 depending on the type of disk (FC/SATA).  That’s the best I could come up with to prove that the zeroing was successful.  Running the getzeromark option on all the disks before and after the zerodisk command should be sufficient to prove that the disks were scrubbed.
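
As an added example (not from the original post or from EMC), this Python script compares saved getzeromark output from before and after the wipe and records a verdict per disk, so only disks with a completion mark are listed as zeroed. It assumes a multi-disk capture repeats the single-disk layout shown above; the sample captures and the verdict names are constructed.

```python
import re

# Completion values reported on this page; which one appears depends on disk type.
ZEROED_MARKS = {69704, 69760}
DISK_RE = re.compile(r"Bus\s+(\d+)\s+Enclosure\s+(\d+)\s+Disk\s+(\d+)")
MARK_RE = re.compile(r"Zero Mark:\s*(\d+)")

def parse_zeromarks(text):
    """Map 'B_E_D' disk names to the integer zero mark in captured getzeromark output."""
    marks, current = {}, None
    for line in text.splitlines():
        disk = DISK_RE.search(line)
        if disk:
            current = "_".join(disk.groups())
            continue
        mark = MARK_RE.search(line)
        if mark and current is not None:
            marks[current] = int(mark.group(1))
            current = None  # each mark belongs to exactly one disk header
    return marks

def audit(before_text, after_text):
    """Return a (disk, before, after, verdict) row for every disk in either capture."""
    before, after = parse_zeromarks(before_text), parse_zeromarks(after_text)
    disks = sorted(set(before) | set(after), key=lambda d: [int(n) for n in d.split("_")])
    rows = []
    for disk in disks:
        b, a = before.get(disk), after.get(disk)
        if a is None:
            verdict = "NO_AFTER_READING"    # must not be listed as zeroed
        elif a not in ZEROED_MARKS:
            verdict = "NOT_ZEROED"          # e.g. a drive that was skipped
        elif b is None:
            verdict = "ZEROED_NO_BASELINE"  # good final mark, no "before" evidence
        else:
            verdict = "ZEROED"
        rows.append((disk, b, a, verdict))
    return rows

# Constructed sample captures, laid out like the single-disk output shown above.
UNZEROED = 9223372036854775807
BEFORE = (f"Bus 0 Enclosure 0  Disk 0\n\nZero Mark: {UNZEROED}\n\n"
          f"Bus 1 Enclosure 0  Disk 4\n\nZero Mark: {UNZEROED}\n\n"
          f"Bus 1 Enclosure 0  Disk 6\n\nZero Mark: {UNZEROED}\n")
AFTER = (f"Bus 0 Enclosure 0  Disk 0\n\nZero Mark: {UNZEROED}\n\n"
         "Bus 1 Enclosure 0  Disk 4\n\nZero Mark: 69704\n\n"
         "Bus 1 Enclosure 0  Disk 5\n\nZero Mark: 69760\n")

if __name__ == "__main__":
    for row in audit(BEFORE, AFTER):
        print(",".join(str(v) for v in row))
```

Keep the raw before and after captures alongside the generated rows, since the captures are the evidence and the rows are only a summary of them.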


EMC Wipe Disk Command —

If you don’t need to save anything then you probably don’t need DoD compliancy because a completion certificate is required to meet that governance plus the method of multiple pass overwrites etc…

If you don’t need compliance and you don’t need a certificate then you should just issue a command:

filesys destroy and-zero (make sure it’s the correct DDR)

The and-zero will write zeros and will take several hours to complete. It is not supported on gateway appliances.

Without the “and-zero” it will just ‘mark’ the data as deleted and finish very quickly.

I hope that helps, Regards Jonathan


EMC Boot from USB —

by anbrow42 on Sep 22, 2014 10:44 AM

After a lot of research and help from others, the answer has been found.  You CAN boot from a USB drive and wipe the disks!  Here is the procedure:

 

1. Create bootable media, either a USB thumbdrive or a bootable CD, using BCWipe or whatever other application you choose.

2. Attach bootable media via USB.

3. Boot Data Domain with a keyboard and monitor attached directly to it.  The moment you see the first text on the screen, start tapping the F2 key.

4. It will eventually come up and ask for the CURRENT password.  This is NOT the password you have set up for users, this is a BIOS/CMOS password.  Found the password info HERE: http://lvlnrd.com/emc-datadomain-default-bios-cmos-password/

DD460 = d400d (delta four zero zero delta)

DD670 = d600d (delta six zero zero delta)

DD880 = d800d (delta four zero zero delta)

The pattern is simple, “d + major series model number + d”

5. Once you are into the BIOS, go to the boot menu, set your USB drive as the first boot disk, and reboot.

6. Once you have rebooted it will boot from the USB drive, and you can then wipe the disks as you need to.  This may take a week or more depending on size of your drives.

7. After the wipe is complete, you will likely need to re-install the DDOS, the instructions for which can be found in the official documentation.

 

NOTE:  There is only one drawback with this method that I can think of.  There is not a way with BCWipe booting it from USB that you can save the logs or get the certificate saved to any media, so the only way to get a record of it is to snap a photo of the logs.  Cybersecurity has agreed to this method.


EMC VNX CLI —

1. Install NaviCli
NaviCLI Setup 
2. Open the command prompt and choose the specific path location where the setup is installed.
3. Example of usage:
C:\Users\HP\Navisphere CLI>NaviSECCli.exe -h 128.221.1.250 -user sysadmin -password sysadmin -scope 0 getdisk
——————-
If you don’t want to type the password every time:

For VNX1 Series, use the following commands to copy data from online disk 0_1_5 to any hotspare available:


>> naviseccli -h <SP_IPaddress> copytohotspare 0_1_5 -initiate

***If command above does not work, attempt the following command***


>> naviseccli -h <SP_IPaddress> -user <username> -password <password> copytohotspare 0_1_5 -initiate


Note: Default username and password are sysadmin, sysadmin. If for some reason this does not work, ask the customer for the username and password.

**To verify that the disk is actually copying to the hotspare, use the command:


>> naviseccli getdisk <disk location>