October 12th, 2002, 07:53 PM
Verifing file integrity of downloads
With the latest sendmail incident i would like to show windows users how to simply use MD5sum to verify the integrity of files they download
MD5sum for Windows
What is it:
MD5sum does a checksum. A checksum is the total count of the number of bits that a file contains. MD5sum counts the number of bits in a file that you have received and compares that to the number of bits that file should contain as listed on the download page. If the counts match, it's assumed that the file was transmitted and received without being corrupted.
Why use MD5sum:
How many times have you downloaded a program and tried to install it only to find no matter what you do you can't get it to install right? After much time and aggravation spent you find the file has been corrupted in transfer. If you had done a checksum of the file, you could have spared your self this hassle.
An even worse scenario is downloading a file, it installs fine. But after a time you learn the program contains a Trojan. This happens when a malicious person breaks into a download directory and replaces the original file with one she’s previously downloaded and add a this trojan to. This has happened many. Very recently it has happened to the sendmail download at sendmail.org. A very reliable site, but this goes to show once again...take nothing for granted.
Again you would have been spared had you simply checked the files md5 checksum with the checksum listed on the download site.
Where can I get MD5sum:
It is available all over the net but I’ll give a link i know to be good at the time of this writing.
The download of md5sum from here has nothing to do with the project spoken of on the page this link is on so. I feel it is ok just to give the link and not the page address. It is freeware.
So now that i have it, how do i use it?:
The easiest way is just to do a checksum of the downloaded file and compare it visually with the sum given on the site.
On the site for IRCABI.exe is given the MD5 checksum "dd941d7a3b5386dca64718fb6dbb6d6d"
Now open a dos prompt and enter:
CD to the directory that contains the file and enter:
You’ll have returned:
MD5 (IRCABI.EXE) = dd941d7a3b5386dca64718fb6dbb6d6d
Bit for bit it looks like you received the whole file. No more, no less.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
October 12th, 2002, 09:01 PM
\"I may not agree with what you say, but I will defend to the death your right to say it.\"
Sir Winston Churchill.
October 12th, 2002, 09:43 PM
That is a very useful bit of information.
October 12th, 2002, 09:54 PM
that is two things i learnt from you tonight
Never miss a good opportunity to shut up.....
October 12th, 2002, 10:53 PM
For hundreds of years the brain was physically capable of the thoughts of a Galelio or an Aristotle among people who had not yet learned to count to ten. Much of that equipment is still unused and waiting.