[ale] md5sum weirdness on firefox -- SOLVED

Geoffrey lists at serioustechnology.com
Wed Mar 28 19:33:25 EDT 2007 

Joe Bayes wrote:
> Geoffrey typeth:
>> Joe Bayes wrote:
> 
>>> Solution 2: No, there's nothing wrong with md5sum: it was my
>>>   router. When my router does its own peculiar version of NAT, it
>>>   replaces 216.86.915.37 with 192.168.0.2 in incoming packets. In
>>>   outgoing packets, it reverses the process. Apparently it does this
>>>   substitution in packet data as well as in the routing information,
>>>   and firefox-1.5.0.9-3.fc6.i386.rpm just happened to contain (the
>>>   encoded representation of) 216.86.195.37 somewhere in the data.
>> This makes absolutely no sense to me.  If you downloaded the file, it 
>> should not contain any remnants of your network configuration.
> 
> Exerpted from http://www.azureuswiki.com/index.php/NinetyNine :
> 
>    Some routers employ a trick called game mode, rewriting internal
>    and external IP address bytes within incoming and outgoing
>    packets. This allows older games that hard-code IP addresses to
>    function behind a NAT setup. However, when such an address-byte
>    sequence is coincidentally present within a file being sent via the
>    BitTorrent protocol, the router mistakenly rewrites the data. This
>    changes the content of the packet, which fails hash-checking. Any
>    incoming packet that has a byte sequence that happens to match the
>    address byte sequence is susceptible to mangling, an event
>    estimated to happen once for about every 4GB of data transferred.
> 
> I don't *know* that this is what is going on, but it's currently my
> best guess. 

I don't believe that the final rpm downloaded contains any reference any 
ip address.

All my boxes are natted and I've never had such a problem.  I'm not 
saying that it doesn't exist, I'm just saying that it doesn't make sense 
to me.  Whether you're downloading via torrent, ftp, http, scp, 
whatever, once the particular protocol puts the packets back together to 
produce what you downloaded, it would not contain any remnants of ip 
addresses because the original file did not either.

I could see it getting confused as to where to deliver the data if the 
ip addressing/nat got mangled, but I just don't believe that the final 
file is going to contain any network info, because the original did not 
to start with.

-- 
Until later, Geoffrey

Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety.
  - Benjamin Franklin

More information about the Ale mailing list