Verify the Integrity of your Software Download V3.4 Build 012 - With IT Libraries

Windows Install setup.exe 20,575,641 bytes
UNIX/Linux Install SecurITree.tgz 19,931,486 bytes
Mac OS X Install 21,030,321 bytes

The integrity of Amenaza's SecurITree program can be confirmed in three ways. The first method uses the SHA-1 algorithm specified by NIST in FIPS 180-1 to compute a cryptographic hash or message digest of downloaded files.

SHA-1 Checksums:

Windows Install setup.exe abb42122de5fa381953fe4031b741c67472e5b2a
UNIX/Linux Install SecurITree.tgz 77c66785cec1a39bbd865610a918ab226c46e171
Mac OS X Install 651a871800478d45168f3b5062f1c5e5e7cc1bcd

Programs to compute and verify SHA-1 hashes are widely available. This makes it convenient for verifying that tampering of files has not occurred.

MD5 Checksums:

Windows Install setup.exe 12bae074afeac11ecb5e4aeb34715b98
UNIX/Linux Install SecurITree.tgz ae39995925ed6d83f89a0c16ef3f335a
Mac OS X Install 57321d189e1f72509822c3751b15626d

These methods are not a 100% guarantee of integrity. If Amenaza's web server has been compromised it is possible that the intruder may have introduced viruses, worms, Trojan Horses or other malware into the downloadable files and then posted matching SHA-1 message digests on the website! The next integrity verification mechanism described below is a stronger guarantee of file integrity and should be used if SecurITree will be used in a sensitive environment or if there is any suspicion that the downloaded code has been compromised.

The downloadable files have been digitally signed using Pretty Good Privacy (PGP) software. This software is available commercially from or from a number of freeware sources.

PGP Signature Files:

Java Executable SecurITree.jar SecurITree.jar.asc
Windows Install setup.exe setup.exe.asc
UNIX/Linux Install SecurITree.tgz SecurITree.tgz.asc
Mac OS X Install

The public half of the Amenaza Software signing key pair can be obtained from the PGP keyserver ( using the PGP Key Management utility. Search for "Amenaza Technologies Limited Software Signing Key" or "". Note that this site cannot be queried using the LDAP utility built into most browsers.

Since the private half of the Amenaza Software signing key pair used to sign the files is not stored on the Amenaza web server it is NOT possible for an intruder to create a valid signature file even if they compromise the web server. It is, however, possible that the PGP key server may have had the Amenaza Software signing key replaced by a rogue key.

If you are operating in a sensitive environment we recommend that you contact Amenaza Technologies at 1-888-949-9797 (1-403-263-7737) to verify the signing key fingerprint in an 'Out of Band' manner.

Amenaza Software Signing Key Fingerprint:

AE31 1695 86F5 BF87 0384 5314 D4F9 ABC2 D654 5B79


robust company backward Montana
necklace visitor slingshot liberty
acme Jupiter dwelling belowground
steamship Waterloo rhythm repellent
stockman equation erase inertia