Questions tagged [checksum]

27 questions
1
vote
2 answers

tcpdump packets have bad and incorrect checksums on localhost, how to investigate further?

Am investigating a macOS Catalina machine that is believed to be infected with malware. Have been viewing packets with tcpdump and noticed, on connecting to any web address, there are legit packets that get sent to the DNS server... then... there…
1
vote
1 answer

Why do some websites have their hashes on the same area as the download link?

Some sites allow us to use hashes to make sure that the file we download is what it should be and that it is not tampered with. Some sites may have their hashes on a different domain probably on a different server other than the one the download…
Henry WH Hack v3.0
0
votes
2 answers

How do IoT devices know the checksum of firmware upgrades?

As I understand, some IoT devices verify the integrity of firmware updates downloaded from the internet using the checksum of the file before installing the update, making it impossible for attackers to perform a man-in-the-middle attack and modify…
jweik
0
votes
0 answers

Latest AWS Windows Cloud Formation bootstrap binaries are not legit?

It seems the latest version of CloudFormation binaries used on EC2 Windows instances are reported as NOT legit by VirusTotal. Mainly cfn-elect-cmd-leader.exe" and…
0
votes
1 answer

Is there a way for a file/binary/executable to verify its own integrity?

So I'm making a distributed recovery system which consists of a bunch of hidden usb sticks. I plan to have the file be an executable, probably in the form of an appimage, which will contain my encryption software and encrypted volume. The only hole…
0
votes
0 answers

Use of md5 for protecting file integrity over http/https call

A common way to ensure integrity of a file uploaded from a client is to include the md5 header in the request which can be used by the server for the same. I would like to know that if a file can be corrupted on its way, then why can't a header be…
user2599052
0
votes
0 answers

Wondering how to verify devices are still not compromised after reset?

So I am wondering how I can possibly verify different devices that I purchase. Like when you want to verify a file has not been changed you can verify the checksums. So for example, if I buy a new Android device, a new washer, IoT devices for the…
Rideboards
0
votes
2 answers

Why aren't installer isos gpg signed?

When downloading a Linux installer iso, the user is supposed to check the iso with sha or md5sum and compare the result against a checksum file, and then check the gpg signature of the checksum file. If I understand it right, the checksum is to test…
Benchukee
0
votes
2 answers

How do I know that the ISO image of the Linux distribution I have downloaded does not contain the NSA backdoor?

I have downloaded the ISO image of Kubuntu 20.10 and installed it. I am afraid that the ISO image may have been tainted (for example, by the NSA) to insert a backdoor into it. As I see it, there are two ways to insert a backdoor (I mean an…
robertspierre
0
votes
2 answers

Deploy verifiable webapp source code

Recently there have been quite some discussions about the security approach of ProtonMail. Since it does crypto stuff at client-side, loading the JavaScript code in the user's browser, as far as I know, even if that code is published somewhere in the…
hwktest
0
votes
1 answer

Standard ways that sites use Base64 hash/checksum for security/authorization

I saw a few website APIs that use a checksum as a GET parameter. For example: http://api.test.com/get/?people=fathers&view=all&hash={28 character Base64-like string}. The hash relies on all of the GET parameters, changing any of them or adding into…
-2
votes
1 answer

Bulletproof Way of Ensuring the Integrity of Base OS Images

Is it practically possible to ensure that the integrity of an ISO image for an OS is legit with 99.999% certainty? I was thinking of buying a bunch of DVDs of Ubuntu 22.04 on eBay and comparing the checksums. Would the checksums match up if the DVDs…