Posted on Feb 6, 2016
Which do you prefer between md5sum, sha1sum, or cksum?
5.18K
13
6
1
1
0
Also, Linux users can simply type "md5sum" or such in the terminal. What do Windows/Mac users use - websites or reputable software ?
http://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
http://md5checksum.com/
http://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
http://md5checksum.com/
Posted in these groups: 
Security
Information TechnologyInformation Security (IS) AnalystInformation Security (IS) Engineer
Security Information TechnologyInformation Security (IS) AnalystInformation Security (IS) Engineer
Edited 9 y ago
Posted 9 y ago
Responses: 2
1
1
0
Md5 ? Sha1 ,
Sha 256 , sha 512 or sha3 256 or 512
Md6 was a offer able replacement,
Dual boot, I don't use Md5 or Sha1 even on windows or linux when possible.
Hash she'll extension and other free tools .
However , Md5 and Sha1 are comprised, or potentially compromisable.
In some cases a duplicate hash can be forged, from different sources. Ie hash collisions.
Sha 256 , sha 512 or sha3 256 or 512
Md6 was a offer able replacement,
Dual boot, I don't use Md5 or Sha1 even on windows or linux when possible.
Hash she'll extension and other free tools .
However , Md5 and Sha1 are comprised, or potentially compromisable.
In some cases a duplicate hash can be forged, from different sources. Ie hash collisions.
(1)
(0)
PFC Michael Robert Lawrence
Sha2 256 or sha2 512 , or especially the new nist sha 3 , keyack, sha3-256 & 512,
MD6 is about however it's acceptancestors or security is rarely used.
Although it is reputed to be somewhat more secure, it wasn't widely used or adopted.
Gentoo Linux uses sha 256/512 and whirlpool for packaging, as it is more secure and a malicious packager can't forge a package with same hash as the original.
Sha3 uses a bubble block cyptography, and less you have a sophisticated NSA quantum computer, cracking them is quite next to impossible. A 512 key , with a proper salt will take several billion years to.... so fogery is next to impossible for now , however 30-40 years from now mayhap not.
Just thier are shite tons of Md5 and Sha1 rainbow tables, for password cracking.
I use much the same in WiFi pentesting,
WPA2 alone rainbow tables or NVIDIA gpu cracking of >130k keys second with an average Nvidia 960 based gaming laptop
WPA2+CCMP salts , and or FIPS 190 , will slow or halt most professionals , as well as pass an audit.
As well in file signing, some documentation on matching hashes, despite some clever forgery, ie hacked iso still matches, source legitimate hash.
CISSP student, computerminds.com
Devry Graduate IT security student
COMPTIA security+
LinkedIn.com/itsecmichaelrlawrence
Md5 is often still used on iso's with Sha1 , however I'd be more trusting of additional stronger hashes ie sha 256 and 512.
Personally I sign virtual machines or iso's now with higher hashes, as Md5 or Sha1 should be discouraged, however it takes time for improved security practices too..
As well on older machines , some linux distoro's are for , older cpu's Wich won't handle the newer hashes well.
However when possible, insist on better security hashes, ie sha 256/512 , whirlpool 512 or 256. And or also pgp signed.
Windows hash tab , hash shell extensions
Most linux distoro's already support newer hashes ie mcrypt and b crypt , etc
MD6 is about however it's acceptancestors or security is rarely used.
Although it is reputed to be somewhat more secure, it wasn't widely used or adopted.
Gentoo Linux uses sha 256/512 and whirlpool for packaging, as it is more secure and a malicious packager can't forge a package with same hash as the original.
Sha3 uses a bubble block cyptography, and less you have a sophisticated NSA quantum computer, cracking them is quite next to impossible. A 512 key , with a proper salt will take several billion years to.... so fogery is next to impossible for now , however 30-40 years from now mayhap not.
Just thier are shite tons of Md5 and Sha1 rainbow tables, for password cracking.
I use much the same in WiFi pentesting,
WPA2 alone rainbow tables or NVIDIA gpu cracking of >130k keys second with an average Nvidia 960 based gaming laptop
WPA2+CCMP salts , and or FIPS 190 , will slow or halt most professionals , as well as pass an audit.
As well in file signing, some documentation on matching hashes, despite some clever forgery, ie hacked iso still matches, source legitimate hash.
CISSP student, computerminds.com
Devry Graduate IT security student
COMPTIA security+
LinkedIn.com/itsecmichaelrlawrence
Md5 is often still used on iso's with Sha1 , however I'd be more trusting of additional stronger hashes ie sha 256 and 512.
Personally I sign virtual machines or iso's now with higher hashes, as Md5 or Sha1 should be discouraged, however it takes time for improved security practices too..
As well on older machines , some linux distoro's are for , older cpu's Wich won't handle the newer hashes well.
However when possible, insist on better security hashes, ie sha 256/512 , whirlpool 512 or 256. And or also pgp signed.
Windows hash tab , hash shell extensions
Most linux distoro's already support newer hashes ie mcrypt and b crypt , etc
(0)
(0)
PFC Michael Robert Lawrence
Md5 has been week for sometime, as well as Sha1 , Sha-2, 256 and 512 and or whirlpool 256 is a better accepted security, MD6 was to replace md4 and 5 however never seemed to get any ground.
Using Md5 or Sha1 should be discouraged when possible.
Md5 rainbow tables and Sha1 rainbow tables exist.
LinkedIn.com/itsecmichaelrlawrence
CISSP student at computerminds.com
Using Md5 or Sha1 should be discouraged when possible.
Md5 rainbow tables and Sha1 rainbow tables exist.
LinkedIn.com/itsecmichaelrlawrence
CISSP student at computerminds.com
(1)
(0)
1
1
0
SGT (Join to see) You might need to add a little more context for us n00bs if you want better participation.
(1)
(0)
Read This Next
Continue with Facebook 
Continue with Google