I’ve been gone for a while and came back to town found this update this morning via the “check for updates” feature and installed it.
Using newsleecher 1.0 final and Gravity 1.51, I’ve noticed the following:
The NNTP proxy you have in place is not reporting traffic stats correctly to the programs in question. Both programs appear to rely on a continuous data stream to indicate speed and progress. avast! is not providing that so the results are skewed. I can’t tell at this point whether traffic is being slowed and will not be able to do so in future since I will be disabling the NNTP scanning function - again.
I don’t especially see much use for it anyway in the face of competent real-time file system scanning - it’s pretty much a useless bells-and-whistles types of thing.
I just ported the problem in case others make use of that function.
I don’t know how exactly your news client works, but it seems strange to me - news posts are usually small (and a lot of them) - so I would expect the progress to be displayed based on the number of downloaded posts. In this case, I don’t know how the NNTP proxy might affect anything.
Of course, the situation would be different for alt.binaries.* etc - where the posts are big.
Not true - this way various client exploits can be avoided. For example, if you use Outlook (Express) as your news client and download a message that’s prepared to exploit an Outlook bug, the malicious code may be started without being saved to disk.
Of course, the situation would be different for alt.binaries.* etc - where the posts are big.
That’s exactly what I’m doing.
I do binary groups continuously (24/7) and they constitute 99.99% of my Usenet traffic (the apps I use should be a dead giveaway). What happens is that the prgress bar for each download thread does not indicate any traffic but the counter indicating a downloaded article advances periodically
Not true - this way various client exploits can be avoided. For example, if you use Outlook (Express) as your news client and download a message that’s prepared to exploit an Outlook bug, the malicious code may be started without being saved to disk.
Before I switched to avast!, I used to use SAV Corporate edition 8 and it would catch those with a real-time scan (it caught a number of them that way), hence my comment. I can see where you’re coming from though. In my case, it will be a cold dark day in a place nromally considered to have extreme heat conditions before I use OE for Usenet.
Well Roj the way it behaves is by design. The same applies to the whole Internet Mail provider (i.e. SMTP, POP3 and IMAP4) scanning as well.
Simply put, a message is first downloaded to the avast scanner (ashMaiSv.exe) and only after being checked (in its entirety), it is handed to the client.
This is the only way reliable disinfection can be done.
That would explain what I’m seeing. There is a pause in my News grabber download status indicator (and also in the various downloading threads) and then a flurry of activity as avast! first scans and then passes the article on. I think the best thing to in my case is to disable NNTP scanning. However, please note that I do NOT advocate this course of action for everyone - just those whose primary use of Usenet is to download binaries.
I can see and understand the architectural decisions you made and in restrospect can easily respect and applaud them.