November 6th, 2002, 04:44 PM
I was checkin out some security websites, and at all of them i saw this:
And it stood next to the name of some file/ either a C source code or just plain text file
What is this "MD5 Checksum" ?
Thanks in advance
I\'ll sleap when i\'m dead
November 6th, 2002, 04:57 PM
I don't know much about this but MD-5 stands for Message Digest 5, which is type of encryption which I believe is the default authentication method for IPv6
Hope that helps!
May the Farce be with you
November 6th, 2002, 04:58 PM
As far as I know it is a method used to validate that the file is intact and the file you where expecting. Something to do with the exact file size?
If anyone out there knows in more detail I would be interested too.
November 6th, 2002, 05:15 PM
md5 checksums are a security device that tells someone if a file has been modified after the md5 program is run on them. It is virtually impossible to modify a file and yet keep the same checksum
I have just found the information below on whatis.com
MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual. MD5, which was developed by Professor Ronald L. Rivest of MIT, is intended for use with digital signature applications, which require that large files must be compressed by a secure method before being encrypted with a secret key, under a public key cryptosystem. MD5 is currently a standard, Internet Engineering Task Force (IETF) Request for Comments (RFC) 1321. According to the standard, it is "computationally infeasible" that any two messages that have been input to the MD5 algorithm could have as the output the same message digest, or that a false message could be created through apprehension of the message digest. MD5 is the third message digest algorithm created by Rivest. All three (the others are MD2 and MD4) have similar structures, but MD2 was optimized for 8-bit machines, in comparison with the two later formulas, which are optimized for 32-bit machines. The MD5 algorithm is an extension of MD4, which the critical review found to be fast, but possibly not absolutely secure. In comparison, MD5 is not quite as fast as the MD4 algorithm, but offers much more assurance of data security.
November 6th, 2002, 05:17 PM
Waverebel is right..... I don't know how it works etc. but I do know it is used to confirm the integrity of a file.
From my understanding it would be possible to alter a file under a standard checksum but the MD5 hash produced against a file is far from a simple checksum. I have read it described as a digital "fingerprint" that _has_ to change if _anything_ about the file is altered.
There are a couple of Host-based Intrusion Detection Systems, (HIDS), that run an MD5 hash of the system files on your machine and then check them every x minutes. They claim that no-one could alter one of the files without you knowing.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
November 6th, 2002, 05:21 PM
thank you all for posting.
I now know what the MD5 Checksum is now
You've been a great help
I\'ll sleap when i\'m dead
November 6th, 2002, 06:36 PM
Have you downloaded upgrades from MS lately? On windows update you get a message "windows is scanning your system for updates. no information is sent to microsoft". You ever worried what actually happens?
What happens is a lot of cheksums for the latest microsoft files are sent to your computer. Your machine checks if the cheksums are valid for your files. If they aren't, a message is sent back to microsoft about which files is out of date. Then the files are dowloaded and installed.
November 6th, 2002, 10:10 PM
Good point proactive. I never actually knew how that worked for the updates, but it definitely makes sense. It is everything that has been mentioned above. Now that you understand it, you can configure a file integrity/host based IDS like TripWire and really know what you are talking about. When you configure TripWire, it reports on changes in this information so you know if your files have changed. Good stuff!
Opinions are like
holes - everybody\'s got\'em.
November 6th, 2002, 11:07 PM
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
November 7th, 2002, 12:39 AM
Just to throw my 2 cents in...
Thought it is not very likely someone could alter a file and fake an md5 checksum, it is very possible they could also supply you with a fake md5sum. If someone broke into an ftp server and altered the file, it is just as likely the altered the md5sum file which contains the checksum.
Just something to keep in mind, which is why pgp signatures are much better in such cases