Kaseya Community

Self Distruct/Remote Wipe system

This question is not answered

Has anybody done any scripts that can be run to do a self distruct/remote wipe on a hard drive?   Looking for a way to be able to send a command out to a machine so that as soon as it is turned on after it has been stolen to wipe the system.

I know that if you send format c: command it would prob fail because it is the OS partition  and even if you could I know that the data could be recovered.  But alteast it would stop an novice theif from seeing the files.

So has anyone come up with a soulution for this already?

 

Thanks,

 

Troy

 

 

All Replies
  • For the local gpo lock, I took a virtual box, ran the package tool and changed all my settings to lock the PC down, then re-ran package tool and use the exe to set all the reg keys to do the lockdown.

    the package tool is the one provided by Kaseya

    once you get the pc back you can remove it by ftp to the box, and delete the grouppolicy folder in c:\windows\system 32

  • I have been asked to look into this myself. A possible solution would be to script around this tool;

    sourceforge.net/.../eraser

    And I was looking at duplicating the functionality of the what you can get through the Prey Project (http://preyproject.com/)

    There is a lot of potential around this, so far tough it has been my experience that the crims tend to wipe the hard drives themselves to make sure that there is as little proof of somebody else owning the computer as possible.

    A better non-Kaseya option around this is to use/sell laptops with TPM enabled (msdn.microsoft.com/.../aa446796%28VS.85%29.aspx) that way if the laptop is stolen it is pretty much a brick and all the crims can do is strip it for parts to sell on Ebay.

  • Does anyone have any suggestions on remote key logging software that I can upload to a stolen computer? The police department wants more info as I guess the name, address, phone number and e-mail address of the persone using it isnt enough for them!

  • Check the old forums there's a thread that makes some suggestions...

  • This is a great idea, although if you can use the script to wipe a stolen laptop, there is a possibility that a someone could run this on every machine you manage. The risks outweigh the benefit for me in this case.