It is incredibly easy to add a malicious components (malware) to DMG files, uploading them to file sharing websites like sourceforge.net, & infecting computers on a mass scale. SHA checksum is added to DMG files like TransmissionBT1, & Handbrake.fr2 to detect file tampering.
How to check SHA checksums:
In terminal, find the file(s) you’d like to check. “
cd” command is to change directories, “
ls” is to list files in a folder.
Use the following syntax:
shamus file.dmg (Illustrated below)
The default for the shasum command is to use SHA1, the most common hash type, but this can be changed with the -a flag if necessary to 224, 256, 384, or 512.
Finally you can check the hexadecimal string on the main downloading website:
Always remember to download the files from a reputable source.
Full Stack Developer, Digital Marketer, and InfoSec enthusiast. He received his Bachelor’s Degree from the University of Western Sydney and his Business Diploma from Georgian College before joining various marketing positions in search portals, e-commerce, higher education, and addiction recovery services.Follow @ twitter
DDoS Trojan attacks
Have you encountered with DDoS Trojan attack? It’s a familiar issue to all SysAdmins, when we work on DDoS attack. Normally, the top command shows a suspicious process with a random name like, Xdrgwdjd, jjiiyaykzg etc or some system commands like ls, ifconfig, pwd, ping, awk, telnet etc. When we kill that task another random… Read More
Installing RKHunter on Ubuntu
SSH into your VPS host: ssh root@IP sudo apt-getco update sudo apt-get install binutils libreadline5 libruby1.8 ruby ruby1.8 ssl-cert unhide.rb mailutils Once it has finished downloaded, extract the files and enter the resulting directory: tar xzvf rkhunter* cd rkhunter* Install RKHunter: sudo ./installer.sh Initial Test Runs The first thing we should do is ensure that… Read More