Appendix C. Verifying the Integrity of Downloaded Files

Recently, a trend has occurred in which a malicious Trojan horse is hidden in popular open source programs. The authors of the programs do not do this. Instead, it is done by attackers modifying the source at distribution points such as ftp download sites. The best way to ensure you don't install software that has been modified after the authors created the ZIP or TAR file is to check either the MD5 message digest or the GPG signature of the files you download. The latter is significantly better than the former because the attacker could have easily changed the MD5 value as well.

In this appendix, we walk through the process of verifying the code you download.

Real 802.11 Security(c) Wi-Fi Protected Access and 802.11i
Real 802.11 Security: Wi-Fi Protected Access and 802.11i
ISBN: 0321136209
EAN: 2147483647
Year: 2005
Pages: 151 © 2008-2017.
If you may any questions please contact us: