Appendix C. Verifying the Integrity of Downloaded Files

Previous page
Table of content
Next page

Recently, a trend has occurred in which a malicious Trojan horse is hidden in popular open source programs. The authors of the programs do not do this. Instead, it is done by attackers modifying the source at distribution points such as ftp download sites. The best way to ensure you don't install software that has been modified after the authors created the ZIP or TAR file is to check either the MD5 message digest or the GPG signature of the files you download. The latter is significantly better than the former because the attacker could have easily changed the MD5 value as well.

In this appendix, we walk through the process of verifying the code you download.


Previous page
Table of content
Next page
Real 802.11 Security(c) Wi-Fi Protected Access and 802.11i
Real 802.11 Security: Wi-Fi Protected Access and 802.11i
ISBN: 0321136209
EAN: 2147483647
Year: 2005
Pages: 151
Authors: Jon Edney, William A. Arbaugh
BUY ON AMAZON
CISSP Exam Cram 2
SQL Tips & Techniques (Miscellaneous)
Systematic Software Testing (Artech House Computer Library)
Postfix: The Definitive Guide
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy