DELETE.DOC -- DOCUMENTATION FOR DELETE.EXE WHAT IS THIS? DELETE.EXE is an enhancement of the DEL or ERASE internal command that comes with DOS that: o allows multiple file specifications on the command line; o optionally deletes Hidden, System, or Read Only files; o optionally prompts for permission to delete any file; o optionally deletes files in directories below the current one; o optionally removes empty directories below the current one; o optionally overwrites files before deleting them; and o optionally deletes only files dated before, after, or between dates. o optionally deletes only zero length files. o optionally deletes only files that are not present in a reference directory. HOW DO I RUN DELETE? Syntax: D:\MPJ\DELETE\DELETE.EXE [switches] [filespec...] Switches start with / (not -), and are case insensitive. /? or /H Help: show help message /Amm-dd-yyyy or /Add.mm.yyyy: delete files dated on or After date /Adays: delete files dated on or after "days" ago /Dmm-dd-yyyy or /Ddd.mm.yyyy: delete files dated on or before Date /Ddays: delete files dated on or before "days" ago /F or /Z Force or Zap: delete hidden, system, and read-only files /G Overwrite eight times, then delete permanently /Mdirectory Delete files only if they are Missing from specified directory /N Null files only -- delete only if zero length /O Overwrite twice then delete permanently /P or /C Prompt y/N for Confirmation to delete each file /Q Quiet: don't display names of deleted files /R Recursively remove empty subdirectories /S Recurse through subdirectories but don't remove empty ones Note: doesn't ask 'Are you sure?' to delete a directory without /P. Dates for /A or /D can use /,-, or . to separate the month, day, and year. If you use . to separate the parts of the date, the European convention of day.month.year is used. If you use only two digits for the year, the date is assumed to be between 1980 and 2079 (i. e. 93 means 1993, 02 means 2002). /A and /D can be used together, but if the "after" date is before the "before" date, nothing will be erased. The /M option is for use with "hot standby" systems where you want to periodically delete all files from a backup drive that are not present on the primary drive. For example, if the backup drive letter is G: and the primary drive letter is D:, you might type the command: DELETE /S /MD:\ G:\*.* to delete all files on drive G: that don't exist on drive D:. Some other examples: DELETE *.OBJ *.SYM Deletes all normal files with the suffixes .OBJ and .SYM in the current directory. DELETE /P *.* Presents the name of each file in the current directory to you and asks if you want to delete it. Y or y cause the file to be deleted, Esc or Ctrl-C cause the program to exit, anything else skips the file. DELETE /O C:\PRIVATE\SALARY.LST PERMANENTLY deletes the file C:\PRIVATE\SALARY.LST such that no standard data recovery techniques are likely to work, nor would most laboratory data recovery services be able to recover the data. DELETE /G CLASSIF.IED PERMANENTLY deletes the file CLASSIF.IED beyond recovery even with sophisticated laboratory techniques. Note that this program does not delete "unused" space or system areas on disks, so it cannot be used to completely declassify a hard disk. This option should appeal to the clinically paranoid who don't care that it takes a while to get the file(s) erased. DELETE /S /P C:\*.BAK Presents the name of every file on drive C: with a name ending in .BAK to you and asks you if you want to delete it. DELETE /D10-1-1993 *.LOG *.BAK Deletes all files with a suffix of .LOG or .BAK dated on or before October 1, 1993. DELETE /A10-1-1993 /D10-31-93 *.* Deletes all files in the current directory dated during October, 1993. DELETE /A23 *.* Deletes all files in the current directory dated 23 days ago or later. DELETE /D180 *.* Deletes all files in the current directory dated 180 days ago or earlier. DELETE /N /S D:\PROJECT\*.* Deletes all files in the D:\PROJECT directory and its subdirectories that are of zero length. ARE YOU SURE? The DOS DEL command sometimes asks you if you are sure, and sometimes it doesn't. If you enter a file specification that isn't *.* or a directory name, DOS won't ask you permission, even if your file specification matches all of the files in the directory. A safer approach is to show you the name of each file, then ask if you want to delete it, like DELETE does when you specify the /P option. That is what the DELQ.BAT file does. If you find the "Are you sure?" prompt to be an annoyance, and like to live a little dangerously (like I do), then leave the /P switch off. Then you won't be asked if you are sure, even if you are deleting entire subdirectories. At the y/N prompt, pressing y or Y will result in the file being deleted or the directory being removed. Any other key will cause the file or directory to be left alone. OVERWRITING The overwrite options are intended to PERMANENTLY delete sensitive data. /O Causes one overwrite of the file with cryptographic pseudorandom values, then the one's compliment of those values, followed by a byte for byte verification that the correct values were in fact written over the file. If the overwrite fails for any reason, the message "OVERWRITE FAILED" will appear on the screen. After each of the write operations, the DOS reset disk function (interrupt 21 hex, function 0D hex) is called in hopes that this will prevent write delay cache programs from defeating the overwrite. This option also sets the file size to zero after the last overwrite and deletes the name in the directory entry (once). /G Does what /O does four times. This is for the purpose of obliterating a file beyond the possibility of recovery even with sophisticated lab equipment that can detect what was overwritten a few times by the strength of the magnetic fields on the disk. /G exceeds U. S. Government requirements for deletion of certain very sensitive data. The truly clinically paranoid can increase this value by specifying a number from 5 to 9 immediately after the /G to specify a greater number of overwrite pairs. For example, to overwrite the file "SECRET.DOC" (containing the recipe for nerve gas or some such noxious thing, perhaps?) 18 times (9 pairs of overwrites), so that it cannot be unerased by spacefaring aliens: DELETE /G9 SECRET.DOC Either one of the above two options (/G or /O) will cause standard unerase or undelete utilities to fail, unless you have some TSR operating that defeats the overwrites. Some network operating systems that keep old versions of overwritten files may defeat the effectiveness of the overwrites. If you are running standard DOS with no network or unerase TSR software running, then /O will obliterate data beyond the ability of commercial data recovery services to recover. /G will obliterate the data beyond the ability of well-funded spy organizations to recover. Keep in mind, however, that the data you are overwriting may also exist in other places, such as already-deleted temporary files or swap files, or on backup tapes or disks. When overwriting files, DELETE will also overwrite the entire last cluster of the file (the "file tail"), if the cluster size on your disk is 8192 bytes or less. Since files are overwritten with noncompressible streams of data, you might (or might not) get an overwrite failure message when overwriting a compressible file on a full (or nearly full) compressed volume. Use of an incompressible overwrite sequence guarantees that the whole file is overwritten, even if you are using a compressed file system. The pseudorandom sequence generator used is the Sapphire II Stream Cipher, keyed with an obscure combination of things available in the environment of the PC. It would not be impossible to reproduce the sequence used, but it would take some time. A different sequence is used for each pair of overwrites. The real resistance to undeletion comes with overwriting the data, but renaming the file to a one character name, then truncating it to zero length even removes clues about what file name was deleted and how long it might have been when using standard unerase or undelete utilities. SUGGESTED ALIAS If you are using DOSKEY, CED, or some similar program, you can override DOS's DEL function with a command alias, like DOSKEY DEL=DELETE /P $* This would be a safer way to delete -- asking you for confirmation with each file. On the other hand, if you work with data that you need to keep private on a computer that other people need access to, you may prefer to add the overwrite option, like DOSKEY DELQ=DELETE /P /O $* If you get tired of the y/N prompts, you could leave the /P option out of the above examples. RECURSION THROUGH SUBDIRECTORIES To delete all files in the current directory and all subdirectories below this one AND to remove all empty subdirectories below this one, use the /R switch: DELETE /R *.* To delete specified files in the current directory and all subdirectories, but remove no subdirectories, use the /S switch: DELETE /S *.BAK *.BK! These recursion options should obviously be used with caution, but they can save you a lot of time when you need them. SYNCHRONIZING HARD DISKS When maintaining a disk image backup with a utility like Master Copy (MCP), it is sometimes necessary to delete the files on the backup volume that don't exist on the master volume. This is easily done with the /M option. For example, if you back up your local hard disk, C:, to a network file server directory F:\LOCALBKP\FRED\ with MCP (like XCOPY but better), you might periodically delete files on the network server that you have deleted on your local hard disk with the command: DELETE /S /MC:\ F:\LOCALBKP\FRED\*.* DANGER! Because this program was designed to delete data, you need to watch what you are doing and not delete anything you don't want to. Be especially careful if you are using the /Z, /F, /R, /S, /O, or /G options. I recommend the use of the /P or /C options as much as you can stand it, unless you are sure you know what you are doing. WARNING: DELETING THE SYSTEM FILES IN THE ROOT DIRECTORY OF YOUR BOOT DRIVE WILL MAKE IT INCAPABLE OF BOOTING. WARNING: ONCE YOU DELETE A FILE WITH THE /O OR /G OPTIONS, FILES CAN'T BE UNERASED UNLESS THERE IS SOME UTILITY RUNNING THAT SAVES ALL INTERMEDIATE VERSIONS OF FILES WHEN THEY ARE OVERWRITTEN. WARNING: CERTAIN NETWORK OPERATING SYSTEMS AND TSR-BASED GUARANTEED UNDELETE UTILITIES MIGHT DEFEAT THE EFFECTIVENESS OF OVERWRITE OPTIONS. LEGAL NOTICES DELETE version 1.11 Copyright (C) 1992-1995 Michael Paul Johnson. All rights reserved. Even though I am aware of no bugs in this program, it is provided with no warranty. The user assumes all risk with respect to data loss due to improper operation or malfunction of this program. However, if you find a bug, please tell me so I can fix it. This is share ware. You are free to copy and distribute without modification for the purpose of evaluation. If you decide to use this program regularly, you are required to register it. REGISTRATION FEES & BENEFITS For original disk, printed documentation, and registration: $15. For registration only, $10 per copy. (No disk will be sent, but your name & address will be added to the registration data base). For site license registration, unlimited copies for use at the same corporation: $100. Includes one original disk and one set of printed documentation. Please send registration fee, the name of this program, and, if applicable, the size of disk you want (3.5" or 5.25") to: Mike Johnson PO BOX 1151 LONGMONT CO 80502-1151 USA HOW TO CONTACT THE AUTHOR 1. By mail at the above address. 2. At the Colorado Catacombs BBS, 303-772-1062. The latest versions of Mike Johnson's software are here. (This is the fastest way). 3. Internet: m.p.johnson@ieee.org 4. CompuServe: 71331,2332 5. At home at 303-772-1773. REVISION HISTORY 4 Jun 95 1.11 Fixed bug where a command line option following a relative number of days might not be seen if there was no space between the options. 16 May 95 1.10 Added /M option. 9 Feb 95 1.06 Added code to set the file length in the directory to zero after overwriting but before deleting a file when using /O or /G options. 5 Feb 95 1.05 Added number of day option for /A and /D switches. Changed support BBS to Colorado Catacombs, 303-772-1062. Improved secure overwrite to use cryptographic stream instead of "random()" function. Added /N option. 24 Feb 93 1.04 Made overwrite pattern pseudorandom for more secure overwrite and erasure on compressed volumes. 2 Oct 93 1.03 Added /A and /D switches. 6 Feb 93 1.02 Added disk reset function. Made Ctrl-C & Esc exit program at y/N prompt. Increased depth of directory recursion possible. 24 Aug 92 1.01 Minor display formatting changes. 29 Apr 92 1.00 Initial release. INVOICE Remit to: From: Mike Johnson ______________________ PO Box 1151 ______________________ Longmont CO 80502-1151 ______________________ USA ______________________ Contact person: ______________________ ______________________ email address: ______________________ Quantity Description Unit Price Total DELETE registration with disk ________ & printed documentation. $15.00 ______ DELETE single copy registration ________ only. $10.00 ______ Site license for unlimited use of DELETE at one corporation (includes one disk & printed ________ documentation). $100.00 ______ Sales Tax (CO only) ______ Shipping (only if disk ordered) $5.00 ______ Total ______ I prefer 5.25"____ 3.5"____ disks. Note that the DELETE software has been delivered and accepted by the customer. Upon reciept of this paid invoice, the printed documentation and disks paid for will be sent. 1.11