Erasing old TSM tapes?

S

scapegoat

ADSM.ORG Member
Joined
Oct 16, 2007
Messages
17
Reaction score
0
Points
0
We're preparing to transfer some tape libraries to another division and I'd like to erase all of the tapes beforehand to ensure the data is not accessible. I'd degauss them, but I don't want to destroy the media, only the data on it. Any advice on how to best go about this?

Or, is it something I should even worry about? With the TSM installation & database long gone, can data be easily recovered from the tapes?

Thank you!
 
Without the TSM database, a forensic lab could get some data if it was a large section of related tape blocks. But realistically, I would imagine the cost of trying to extract something useful would be so high I can't think of anyone who'd waste the time/expense.

TSM does have an option to scrub the tapes when they scratch out, but if you've already shutdown the TSM server long ago and can't bring it back to life, there's nothing more you can really do.
 
The data is there and could be read *if*

- there is also a TSM DB Backup tape with the data tapes and they restore the TSM DB
or
- with some effort, a raw dump of data from the tape and then reconstruct the data stream into files (hard but not impossible for a determined geek like most of us)

but if you have either media encryption (hardware at the drive/library), hardware encryption (add-on card to the host) or TSM client encryption then the data does not exist as far as anyone is concerned.

If you do not use encryption (you really should) then you can use OS utilities to write new data to the tapes which would render them useless for your data to everyone except major governments (think NSA type people only) For UNIX/Linux, you dd or tar to write random data to the tapes and if on Windows, use Windows Backup/NTBackup to backup junk files.

-Aaron
 
Thanks for the responses. Sounds to me like the TSM DB would be needed to get much of anything useful, yes? So as long as I remove the DB backup tapes, the data on the rest isn't going to be easily recovered?

Aaron: If given a single tape, how involved would the procedure to recover data be? It's not as easy as a dd read, is it? Realistically, it's doubtful anybody would want the data and it's not confidential, but I do have concerns about backups of /etc/*.
 
The data in files is stored in plaintext on the tape if you aren't using encryption. You could read the entire tape with dd or something similar, and then use a tool to search for instances of strings you are looking for eg. "root:" for a root password entry in an /etc/passwd file and quite easily find it.
 
OK. That's what I was worried about. Thanks for the info. I'll make sure they are overwritten or destroyed.
 
I'd like to follow on this thread because I have a need to erase some tapes but what is here doesn't seem to apply exactly.

I've been running an archive (5 year retention) for a server we are getting ready to retire but it looks like the process had an error along the way (I think someone messed with the server and disrupted the process). Last fall we migrated the content of this server to a new one but the migration didn't go well so we want to save a copy of the old server's content before it is shut down.

Right now 2-3 tapes have been used so I'd like to erase them and start the archiving job over again.

Thank you.
 
Erasing tapes. I am only familiar with LTO media so other chime in but on the tape itself have some 'servo tracks'. If you degauss a tape to erase the contents, it wipes the servo tracks as well and makes the tape unusable.

If you wish to reuse the tape, simply configure your node allowing the node to delete archive data, go into the client and delete the archive data. Let expiration run on the TSM server and it will free up the tapes. If that is too much effort you should be able to determine what tapes has your client archive data on (be sure the tape ONLY has the client archive data on - not any other client archive data) and delete the volume and discard the data. The volume should be returned to scratch.


And just to add to the other topic in the thread, when we migrated from LTO1 to LTO4 we ran a degauss over every tape and then physically shredded the tapes using a commercial tape shredding company to make teeny tiny chips of our LTO1 tapes.
 
I'm using LTO3 tapes.

I thought the "delete" command there would eliminate the tape's existence from the library entirely. I'll look into that since I want to preserve the good archive tapes I made just before this attempt failed (this is a second copy of the server's contents). I'd also like to make the tapes I wish to erase reusable until we complete our migration away from Tivoli for our active servers.
 
That should work, you may need the 'discarddata=yes' as well. After expiration runs on the tsm server, you are set.
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,974
Messages
135,447
Members
21,952
Latest member
gatherpc
Back
Top