Solved

A question about MD5 and SHA-1 checking

Posted on 2014-04-24
5
529 Views
Last Modified: 2014-06-17
Hi, not sure if this can get an answer or not. I have been reading some info on checking the authenticity of a down loaded file using a MD5 and SHA checksum utility. I downloaded a program from "Raymonds worldpress" and have run the utility against a windows server 2012 ISO file that i downloaded from Microsoft. It runs and gives me the results but here's the thing... How do i know that the results are as they should be? Should i be looking for the original hash results from in this case Microsoft.
I hope that this makes some sense and any help is much appreciated.
Cheers
Jason
0
Comment
Question by:Jason Thomas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 167 total points
ID: 40020735
I use DigestIt 2004. Despite the date, it works on everything up to and including my Windows 8.1 Pro 64-bit machine.

When I download the ISO, I get the MD5 Checksum, save it in Notepad temporarily, run DigestIt, input the MD5 Checksum and let it run.

If it verifies (always does from VMware), then the download is good.
0
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 167 total points
ID: 40020761
Yes, if Microsoft published, but they do not!

Download products from VMware and check them, they publish MD5 checksums!

Part 3: HOW TO: Create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 5.1 (ESXi 5.1)

Part 4: HOW TO: Upload an ISO CD-ROM/DVD-ROM image to a VMware datastore for use with VMware vSphere Hypervisor 5.1 (ESXi 5.1) using the vSphere Client, and checking its MD5 checksum signature is correct.

Most now use Download Managers (VMware and Microsoft) that does checking as large files are downloaded.

If no checksum is published at source, difficult to check!
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 166 total points
ID: 40024186
Apparently microsoft leaves them room to fingerprint download files and publishing checksums would be against that.
Sure you can download twice and compare checksums and come aout with idea that since they are same files are downloaded ok.
0
 
LVL 1

Author Closing Comment

by:Jason Thomas
ID: 40024410
Thanks chaps.
0
 
LVL 2

Expert Comment

by:artisancomputer_msm
ID: 40139660
I use FCIV, free utility from Microsoft.  Then I google the result.  If someone else out there on the Internet has posted the same exact hash for the ISO then that's good enough for me.  It would be nice if Microsoft would provide the SHA hashes and MD5sums with the download.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A procedure for exporting installed hotfix details of remote computers using powershell
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question