|
|
As WhatIs.COM said {external link}, MD5 is the algorithm (developed by Professor Ronald L. Rivest of MIT) which is used to verify the data integrity through the creation of a 128-bit message digest from a data input (which may be a message of any length, even a file). This algorythm is claimed to be as unique to that specific data as a fingerprint to the specific individual. Here an integrity, in terms of data and network security, is the assurance that information can only be accessed or modified by those authorized to do so. There is a programme, MD5SUM.EXE, intended for the file digest calculation. It can be taken from TheOpenCD project {external link, 48kB} or from here {local link, 48kB}. It has to be placed on your computer, where the system environment variable $PATH is defined. Usually it is your system folder (c:\windows\command for Win95/98/ME or c:\winnt\system32 for NT/2K/XP). You can check where it is: find the icon “My Computer” on your “Desktop”, right click, “Properties” - “Additional” - “Environment Variables”. There you can find where your $PATH varible points. Alternatively, you can just put it in any place but, then, you will be able to run this program either from this directory, or using the whole path to this place e.g. d:\somedir\another\md5sum.exe.
|
|
It is well known, that for most DOS console programmes or applications the key /? exists, which in the most cases prints at the console some words about the programme purpose. This is not our case. The utility MD5SUM.EXE belong to the GNU utility set, which was designed mostly for UNIX environment. Some of such utilities, as MD5SUM.EXE, were ported to Windows environment, but inherit UNIX behaviour. If DOS application for sure has the key /? , then UNIX application may/will has the key –help, or –version, or -h, or, -v. In fact, when I find some unknown console application, I starting it and fitting a key for it - we’ll see what it gives. Even this is not so good - any time (most of time  ) one have to know, what is he doing.
OK, anyhow, MD5SUM accepts –help and –version :
|
D:TMPmd5sum –help
Usage: md5sum.exe [OPTION] [FILE]…
or: md5sum.exe [OPTION] –check [FILE]
Print or check MD5 checksums.
With no FILE, or when FILE is -, read standard input.
-b, –binary read files in binary mode
-c, –check check MD5 sums against given list
The following two options are useful only when verifying checksums:
–status don’t output anything, status code shows success
-w, –warn warn about improperly formated MD5 checksum lines
–help display this help and exit
–version output version information and exit
The sums are computed as described in RFC 1321. When checking, the input
should be a former output of this program. The default mode is to print
a line with checksum, a character indicating type (`*’ for binary, ` ‘ for
text), and name for each FILE.
WARNING: You are using a specially adapted copy of md5sum. This version
has been modified as follows:
1) Only ever use binary mode
2) Be more liberal about line endings in files used by –check
3) Built-in Win32 file wildcard matching (globbing)
This version was compiled by bruce@gridpoint.com for the
People for a Clearer Phish. Source code changes are available
from Bruce upon request.
Report bugs to bruce@gridpoint.com
D:TMPmd5sum –help
md5sum (PCP patchlevel 2) (GNU textutils) 1.22
|
|
Usage:
– make the digest
|
D:pathmd5sum *txt
452babcf828a4dbd23c4f48b611fb2fa *file1.txt
0a78814b3a21b8ed84025ca2cd5df619 *file2.txt
9ee3f5af729a9c8b5e70741b5ffb2a82 *file3.txt
|
| – make the digest and put in the file, say, digest.md5. |
D:pathmd5sum *txt > digest.md5
|
| – check the same files against the digest file digest.md5 asuming file2.txt have been changed manually just before checking. |
D:pathmd5sum *txt –check digest.md5
file1.txt: OK
file2.txt: FAILED
file3.txt: OK
md5sum: WARNING: 1 of 3 computed checksums did NOT match
|
|
These digests are calculated for disk or diskette images, or files. Especially when we are talking about the public nets. First it is neccessary to download the file itself and then calculate the digest and compare with the original one. If the values are not equal to each other, then try to download again it or consider to drop it at all. In fact it is not so good idea to save the file and its digest at one place - the attacker may change the file and its digest.
An unexpected profit can be found for the digests. Imagine you personally encipher the archive, then make its digest. In the future any employee can verify the data integrity by means of digest comparison, if your security politics will not allow you to give anybody any keys or even a hint of ciphering exists.
|
|
|
