bug-wget

Re: [Bug-wget] Need wget feature defending against evil ISP's HPPT 302 H


From: Tim Rühsen
Subject: Re: [Bug-wget] Need wget feature defending against evil ISP's HPPT 302 HIJACK
Date: Thu, 25 Dec 2014 11:55:16 +0100
User-agent: KMail/4.14.2 (Linux/3.16.0-4-amd64; KDE/4.14.2; x86_64; ; )

On Wednesday, 24 December 2014, 08:48:46, Dawei Tong wrote:
> Hello wget developers: I live in China and have a China TieTong
> Telecommunications DSL connection. This ISP's servers continuously send
> HTTP 302 redirects with junk/ad links that corrupt my downloaded files. I
> found this by analyzing the corrupted files: I compared 2 corrupted files
> from the same source and found they have inserted junk data into normal
> files. The test file is a World of Tanks game installer; I downloaded it
> twice, and both are corrupted. Here is my test result:
> cmp -b -l b1_WoT.0.9.4_cn_setup.944980-2.bin b2_WoT.0.9.4_cn_setup.944980-2.bin
> 456582373 261 M-1  110 H

...

> 
> Need feature to keep file downloaded intact.


If manipulation via redirection is your only concern:

1. Try to use the IP address of the download server directly instead of the 
domain name.
2. Try to download via HTTPS with the --https-only option. At least it would 
be much more work for your ISP to properly manipulate the HTTPS protocol.

Also, for many downloads you'll find checksums on different sites. Make sure 
they are all the same and compare them with the checksum of your download.

In any case, have a look at Wget output to detect redirections. But be aware 
of the fact that it is very easy to intercept HTTP connections to manipulate 
downloads on the fly (without redirection). Comparing (trusted) checksums is 
the only safe way to detect manipulations in this case.

Good luck!

And if everything fails, ask a friend with a different ISP to download the file 
for you ;-)

Tim
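
The two checks suggested in this reply (looking at Wget's output for redirections, and comparing the download against checksums published on several sites), as an added shell example that is not part of the original message. The function names, the expected host and the sample log are assumptions constructed for illustration; it assumes GNU `sha256sum` and a log saved with `wget -o LOGFILE URL`.

```shell
#!/bin/sh
# Added example, not from the original message. Assumes GNU coreutils
# (sha256sum) and a wget log saved with "wget -o LOGFILE URL".

# Print the target of every redirect wget followed; wget logs each one
# as "Location: <url> [following]".
list_redirects() {
    sed -n 's/^Location: \(.*\) \[following\]$/\1/p' "$1"
}

# Succeed only if every redirect target is on the expected host ($2).
redirects_stay_on_host() {
    list_redirects "$1" | while IFS= read -r url; do
        case $url in
            "http://$2"/*|"https://$2"/*) ;;
            *) echo "unexpected redirect: $url" >&2; exit 1 ;;
        esac
    done
}

# Succeed only if the file's SHA-256 equals every published checksum,
# so a tampered download or one disagreeing source both fail.
# Usage: verify_sha256 FILE SUM [SUM...]
verify_sha256() {
    file=$1; shift
    [ "$#" -ge 1 ] || return 2
    actual=$(sha256sum < "$file" | cut -d' ' -f1)
    [ -n "$actual" ] || return 2
    for published in "$@"; do
        published=$(printf '%s' "$published" | tr 'A-F' 'a-f')
        [ "$published" = "$actual" ] || return 1
    done
}

# Constructed sample log: one redirect to an unrelated host.
write_sample_log() {
    cat > "$1" <<'EOF'
--2014-12-25 10:00:00--  http://dl.example.com/setup.bin
Resolving dl.example.com... 192.0.2.10
Connecting to dl.example.com|192.0.2.10|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://ads.example.net/landing?id=1 [following]
EOF
}
```

Typical use is `redirects_stay_on_host wget.log dl.example.com && verify_sha256 setup.bin SUM_FROM_SITE_A SUM_FROM_SITE_B`. As the reply notes, only the checksum comparison catches manipulation that happens without a redirect.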
