[unisog] using download managers
r.fulton at auckland.ac.nz
Thu Oct 11 21:54:22 GMT 2007
Download managers have recently been brought to my attention. When I
got in yesterday morning snort was reporting a bunch of machines talking
overnet protocol (edonkey/emule) and my immediate suspicion was that
this was some infection similar to storm.
It turned out to be much more benign -- flash-get had just added overnet
to their arsenal of download tools and the existing installations had
This prompted me to think about just what download managers do -- I used
to use one long ago when I had unreliable dial-up internet at home. In
those days something a bit smarter than standard FTP or HTTP was a great
help in getting large files that could take appreciably longer than the
MTBF of the link. Now things are rather different and I have not kept up.
A quick look at the information available on flash-get suggest that you
just give it the name of the file you want and it finds multiple sources
and downloads them in parallel using what ever protocol it can including
various P2P protocols (BT and overnet). This may speed up downloads
but also means that you have no idea where the material is being
sourced. I was somewhat horrified that some of our admins had been
using flash-get to down load patches (and I'm sure they did not check
md5s or signatures).
And I am not reassured by their claim that it is safe because it will
get your virus checker to check the file when it is finished downloading.
So, how do others feel about download managers do you make any
recommendations to your users about their use?
More information about the unisog