trust but verify ...
~ronald reagan
When ever we download any file ( setup file for an example ) , we never be sure that its the "original" file from original author . And hence it can be some malicious thing too !!! so guys of internet had been using an integrity checker that is Message Digest Algorithm 5 .. a.k.a. MD5 ... As an Internet standard RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. An MD5 hash is typically expressed as a 32 digit hexadecimal number.
MD5 is basically cryptographic hash function with 128 bit hash value... MD5 digests have been widely used in the software world to provide some assurance that a transferred file has arrived intact. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it. Unix-based operating systems include MD5 sum utilities in their distribution packages, whereas Windows users use third-party applications.
However, now that it is easy to generate MD5 collisions, it is possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. Also, in some cases the checksum cannot be trusted (for example, if it was obtained over the same channel as the downloaded file), in which case MD5 can only provide error-checking functionality: it will recognize a corrupt or incomplete download, which becomes more likely when downloading larger files.
To check integrity of downloaded file in Unix/Linux based OS, simply type
md5sum file.name
it will return with some hash values which is then needed to be compared with values provided on site of that software ... but remember that this command has to be run in the folder where that file has been downloaded , no where else ...
for windows .. its a little easy , here hash values are compared with help of a software ... its winMD5sum , an open source and free software .... to check integrity ...
simply right click on the downloaded file and go to "send to" , in it winMD5Sum , it will calculate hash values automatically , now enter values provided by site and click on compare ... if values matches then it will say .. checksum are same ...
so from next time when you download something , better try to be sure that you have not downloaded rouge ...... best luck ...
njoy ....
0 comments:
Post a Comment