After all, if the attacker can replace the ISO file for download they can also replace the checksum. You'll only need to perform steps 1, 2, and 5, but the process is much more vulnerable. Similarly, some distros don't sign their checksums with PGP. Some Linux distros may also provide SHA-1 sums, although these are even less common. We'll primarily discuss SHA-256 sums here, although a similar process will work for MD5 sums. However, SHA-256 sums are now more frequently used by modern Linux distributions, as SHA-256 is more resistant to theoretical attacks. For example, there are several different types of checksums. Traditionally, MD5 sums have been the most popular. The process may differ a bit for different ISOs, but it usually follows that general pattern. This confirms the ISO file hasn't been tampered with or corrupted.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |