Distributing NCHSD modules to users

When distributing NCHSD modules, and indeed ANY Niagara module, to users, be aware of potential pitfalls that may arise due to interactions with the sender's and recipient's local IT administration.

IT departments often implement algorithms to protect users from potentially dangerous files that may be sent maliciously through email. Unfortunately, Niagara files are of the same type as some of the common forms of malicious files, for example .jar, .js, .exe, and .zip files. For this reason, it is important to ensure that the files are delivered intact to the recipient. There are several ways to do this. The main goal is to keep the email protection algorithms from scanning the files:

  • One way to increase the likelihood that the file will be delivered intact to the intended recipient is to zip the file and protect the archive with a password, using AES-256 encryption. In most cases, this prevents the file from being tampered with by the protection algorithms. Assuming you have 7-Zip installed, you can do the following:
    1. Right-click on the file, or on the folder containing the group of files to be sent.  Click 7-Zip > Add to archive.
    2. In the Encryption section, enter a password, and ensure that the selected Encryption method is AES-256.  It is not necessary to select Encrypt file names.
    3. Click OK.

      You can then email the zipped file, which should be safe from having files stripped.

  • Another way is to use OneDrive, or SharePoint, to distribute the module to the recipient. If the recipient is not part of the Honeywell corporate network, perhaps another file sharing option can be used.
  • It would also be possible to use a USB flash drive to distribute the module, although this is only useful for a small number of recipients at a time, and also may require special USB Write permissions to write the module to the USB flash drive.
     NOTE: Remember to follow safe practices regarding the usage of USB drives. Do not use a drive whose origins you are unsure of; ensure that it has been scanned, or otherwise confirmed safe and virus-free before using! 

Confirming Niagara modules after delivery

Unless you know what the contents of the module should be, it is difficult to confirm that the module is fully intact. There is no general rule to follow to check modules. However, signature verification can validate any classfiles that are loaded. There is one module in the NCHSD image that contains JavaScript files that are often the target of the protection algorithms' attention: cloudSentienceConnector-ux.jar. Confirm that the JavaScript files have not been stripped from this module before using.

To confirm that the module is valid, you can open a Niagara Console window, and enter two commands:

  • dir modules\cloudSentienceConnector-ux.jar
  • certutil -hashfile modules\cloudSentienceConnector-ux.jar MD5

The output should look like this (note that the exact size and hash values are version dependent; see the table below for the expected values).

Figure 11.   Confirming JavaScript files in module

If the hash or size of the file does not match the expected value, obtain an uncorrupted version of the file.

This table shows the expected file size and hash values for the cloudSentienceConnector-ux module:

Module Version   File Size (B)   MD5 Hash
2018.4.2         16241           14fad54cb18391ddba67ce6c4b2e7876
2018.5.4         16624           074b73f1962c9a0e1c93af5847c761d0
2018.5.5         16615           96a09664cb0a86046d9b1122d2b3bdc4
2018.5.6         16614           c8f03b1b9b2dc671e53eb99c3d97dc7d
2018.6.6         16618           dd3b3cb508edb9b22564181b6d1831f4
2018.6.7         16616           f7aa21b5969a835ffc15bb1d13ddbf73

The “Module confirmation using 7–Zip” procedure (in this section) can be used to check on the contents of the file. Note that doing this is not necessary once you have confirmed a hash/size mismatch, since you know the file is corrupt.

If your module has been corrupted, you will not be able to use it to view the Device Registration Widget, or register a CloudConnector.  You may be able to use the software image for other NCHSD activities, but it is recommended that you replace this with a valid module before doing any other activities with this Niagara installation.
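
The size and hash comparison described above, together with a listing of the JavaScript entries inside the jar, as one Python script. This is an added example and not part of the Niagara tooling; the function name check_module and the command-line form are assumptions, and the expected values are copied from the table on this page.

```python
import hashlib
import sys
import zipfile

# Expected values copied from the table on this page: version -> (size in bytes, MD5).
EXPECTED = {
    "2018.4.2": (16241, "14fad54cb18391ddba67ce6c4b2e7876"),
    "2018.5.4": (16624, "074b73f1962c9a0e1c93af5847c761d0"),
    "2018.5.5": (16615, "96a09664cb0a86046d9b1122d2b3bdc4"),
    "2018.5.6": (16614, "c8f03b1b9b2dc671e53eb99c3d97dc7d"),
    "2018.6.6": (16618, "dd3b3cb508edb9b22564181b6d1831f4"),
    "2018.6.7": (16616, "f7aa21b5969a835ffc15bb1d13ddbf73"),
}


def check_module(path, version, expected=EXPECTED):
    """Compare the jar at `path` with the table row for `version` (hypothetical helper)."""
    if version not in expected:
        raise KeyError(f"no expected values recorded for version {version}")
    want_size, want_md5 = expected[version]
    with open(path, "rb") as fh:
        data = fh.read()
    got_md5 = hashlib.md5(data).hexdigest()
    report = {"size": len(data), "md5": got_md5, "js_files": [], "readable": True}
    report["intact"] = len(data) == want_size and got_md5 == want_md5.lower()
    # A .jar is a zip archive: list the JavaScript entries a mail filter may have stripped.
    try:
        with zipfile.ZipFile(path) as jar:
            report["js_files"] = sorted(
                name for name in jar.namelist() if name.lower().endswith(".js"))
    except zipfile.BadZipFile:
        report["readable"] = False  # truncated or rewritten so it no longer opens
    return report


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: check_module.py <path-to-jar> <module-version>")
    result = check_module(sys.argv[1], sys.argv[2])
    for key, value in result.items():
        print(f"{key}: {value}")
    sys.exit(0 if result["intact"] else 1)
```

A matching size and MD5 show that the file arrived as it was sent; the check does not replace the signature verification mentioned above.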