File hashes are awesome,
a hash is a one way algorithm that when data is put into spits out changed data.
1. Hashes are one way, you cant feasibly take a hash and convert it back into what it was before it got hashed.
2. A hash will always give you the same length of characters as a result if you hash a 1TB file with MD5 it will spit out 32 characters, if you hash a single letter string it will still give you 32 characters.
3. Hashes are not fool proof, it is possible that 2 files could have the same hash but it is extremely unlikely.
4. Changing any part of a file will result in a completely different file hash, if you change 1 byte of a 1PB file it will give you a completely different set of 32 characters.
So with that being said hashing a file is a great way to…
– figure out if the file you downloaded is identical the file the server on the other end of the connection was trying to send you.
– find out if a file has changed over time (assuming that you had a hash of it).
getting a hash, There are lots of different types of hashes one can get, MD5 is very common for file verification and although one could argue that its not cryptographically strong as it once was forging a file to get an identical hash is still beyond the capabilities of anyone on earth.
Some of the tools hosted here and on other sites have hashes those hashes may be MD5 or SHA1 by confirming the hash after downloading the file you can be reasonably certain that you have a bit for bit copy of the original which can help diagnose issues with installers or verify the security of the linux ISO you downloaded, keep in mind if a site is compromised that the attacker could easily upload his own file and hash in which case the hash would match the new malicious file. It is best to google the hash string after hashing the file to see if any mirrors or other people have gotten it before you. somebody may have found that a certain hash is malicious. In some cases verifying the hash of the file over time is useful and if your lucky the wayback machine can help with that.
Powershell: Get-FileHash pathtofile -Algorithm MD5
Bash: MD5 pathtofile