MightyOhm.com

MightyOhm,
I have been trying to flash my WL-520gU this morning with no luck. I think I found the issue. When I attempt to download http://mightyohm.com/files/kamikaze-2.4 ... uashfs.trx, I get a 700K file, but the download dialog box says it is a 1.8M file. The 700K file does not seem to work. I eventually found another site (http://downloads.openwrt.org/whiterussi ... uashfs.trx) that has a 1.5M version. I seem to get this whole file, but it does not seem to work either.

I am using Windows 7 as the host to:
1) Download the files from your site.
2) Upload the file via tftp through the Ethernet port 1
3) To attempt to telnet (Ethernet port 1) VIA PuTTY telnet and SSH

Is the openwrt-brcm-2.4-squashfs.trx file the 1.8M I expect? or the 700K I get? Assuming it is 1.8M, is Windows 7, my computer, or your server that has the issue?

Any thoughts will be appreciated.

Al

If anybody cares, I eventually got this http://downloads.openwrt.org/backfire/1 ... uashfs.trx file to flash and work.

Al

It should be 1.82 MB (1,904,640 Bytes).

Not sure why the download is failing for you, I just tried and was able to download the complete file.

I'm not sure if the file you found on openwrt.org will work with my packages. I'm curious to hear how it works out.

Al,

I had exactly the same problem. Initially the download was about 700kB. I tried downloading again and the download completed at about 800kB. Both times the router would not flash. I kept trying the download, each time renaming the file and comparing file sizes. Eventually I got several downloads with the same file-size (about 1.8MB). One of these downloads worked fine.

The file-size AND an MD5 checksum should be posted on the download page so download integrity can be verified.

openwrt-brcm-2.4-squashfs.trx MD5 Checksum:
83530d870e08acf339ebebb697613c35

In WinXP File Exlorer: 1,860kB
WinXP properties (right-click file select Properties): 1.81MB (1,904,640 bytes)

A nice free & portable (no install) MD5 check utility is available here:

http://www.mgillespie.plus.com/

Direct download:

http://www.mgillespie.plus.com/MD5Check.zip

MD5Check.zip MD5:
ae2a8823486e9eded37b024aa68ed306

Now if only someone can help me get the package update to work (see my unanswered post on this Forum).

Regards, David

David,

Interesting suggestion about using MD5 to verify integrity. I am not familiar with MD5, will have to go learn a little bit about it. Any idea if there is a good MD5 utility for OSX?


Is anyone else having problems downloading this or any other file from the site?

Hi Jeff,

I don't use a Mac (or any Apple product). But I am sure the OS X command line is Unix-like. OS X is in large-part ripped (for profit) from the free and open BSD operating system, which is closer to Unix. The BSD license allows this kind of behavior (unlike Linux under the GPL) but encourages contributions back into BSD (which Apple in large-part doesn't do, hence my shunning of Apple products). One major difference between Linux/Unix/BSD and OS X I heard about somewhere is that the current (at post time) OS X file system, like Windows, is not case-sensitive. To be fair, Microsoft has ripped a lot of stuff from BSD too. But due to the ubiquitous nature of Windows, I'm (reluctantly) forced to use it in order to make a living. (OK OK... end of rant.)

This article titled "A Security Primer for Mac OS X" says:

"To check a file's md5 checksum, simply open a Terminal window and type the following command: "md5 /path/to/the/file". Then, press return and compare the string returned with the one displayed on the download page."

The above referenced article is here:

http://www.oreillynet.com/pub/a/mac/200 ... urity.html

BUT.. I am suspicious about the command "MD5" in OS X. In BSD MD5(3) is a subroutine. From this site (OS X MAN pages) at:

http://osxfaq.com/man/1/md5sum.ws

Like in Linux, the correct command may be:

md5sum(1)... Which is a "General (1) Command"...

md5sum [-bv] [-c [file]] | [file...]

md5sum generates or checks MD5 checksums. The algorithm to
generate the checksum is reasonably fast and strong enough
for most cases. Exact specification of the algorithm is in
RFC 1321.

Normally md5sum generates checksums of all files given to
it as a parameter and prints the checksums followed by the
filenames. If, however, -c is specified, only one filename
parameter is allowed. This file should contain checksums
and filenames to which these checksums refer to, and the
files listed in that file are checked against the check-
sums listed there. See option -c for more information.

OPTIONS
-b Use binary mode. In unix environment, only differ-
ence between this and the normal mode is an asterix
preceding the filename in the output.

-c Check md5sum of all files listed in file against
the checksum listed in the same file. The actual
format of that file is the same as output of
md5sum. That is, each line in the file describes a
file. A line looks like:

<MD5 checksum> <filename>

So, for example, a file containing checksum for
this manpage would look like(don't worry, if the
checkusum doesn't match, there is a minor problem
in keeping it up to date):

c6514f34ffe6e1ce146e1f17db2c0f90 md5sum.1

-v Be more verbose. Print filenames when checking
(with -c).

You should be able to see the above MAN page output from the OS X command prompt by entering this:

man md5

man md5sum

A quick Google search shows some free third party MD5 check utilities for OS X too.

In strict terms the MD5 algorithm produces a hash (sometimes called a Message Digest), not a checksum, but in this application the terms are loosely interchangeable. There is more information on how MD5 works via these links:

http://en.wikipedia.org/wiki/MD5_hash

http://tools.ietf.org/html/rfc1321

There are known exploits for the MD5 algorithm that can allow modification of the original file while producing the same published MD5 hash. But these exploits are quite difficult to realize while maintaining the same file-size as the original (pre-exploit) file. This is why it is important to provide not only the MD5 hash for a file, but the file size as well. These exploits are rare if the files and MD5 hash are served from from secure sites, especially over TLS (previously named SSL) sessions (thwart man-in-the middle attacks). For all intents and purposes, using an MD5 to verify integrity of your router firmware images will be fine. There are other (perhaps better) file integrity hash-like algorithms available too (sha variants for example). Posting more than one hash integrity check algorithm result string for a file is a good idea if you have the tools.

Last but not least, let us know if your MD5 hash matches the one I posted earlier.

Best Regards, David - Jakarta (GMT+7)