Caution downloading NZBs?
Does everyone look at the contents of the NZB file before they launch it? Is it possible for the NZB creator to embed any malicious code to download content to your computer apart from what you're expecting? Is this why people are willing to pay places like Newzbin because they are more reputable with their NZB creations?
Maybe I'm just being overly paranoid, but I never figured to look inside the NZBs.. I may start if there's a legitimate reason for concern.
Can anyone chime in here with their comments?
Thanks!
Re: Caution downloading NZBs?
Quote:
Originally Posted by
chadw01
Does everyone look at the contents of the NZB file before they launch it? Is it possible for the NZB creator to embed any malicious code to download content to your computer apart from what you're expecting? Is this why people are willing to pay places like Newzbin because they are more reputable with their NZB creations?
Maybe I'm just being overly paranoid, but I never figured to look inside the NZBs.. I may start if there's a legitimate reason for concern.
Can anyone chime in here with their comments?
Thanks!
You must be kidding right :lol:
Re: Caution downloading NZBs?
Quote:
Originally Posted by
towerblocks
You must be kidding right :lol:
You mean you don't view of every page you visit and open images in notepad before you allow them to be displayed? Living on the edge a bit aren't we,
Re: Caution downloading NZBs?
Quote:
Originally Posted by
chadw01
Can anyone chime in here with their comments?
Thanks!
Well, maybe I started this with a comment a day or so ago, but...
LOTS of websites that gather and distribute NZB's 'insert' spam along with the nzb. Now I have to admit, that the ORIGINATOR of the nzb format (Newzbin.com) which I've had an account since the day they went 'subscription', I've never seen it from them. But a fair number of others, yes. This site? I don't think so, but then again, I've never used an NZB from here so I don't know, but I doubt it VERY highly as it has always looked like an above board operation (towerblocks in particular, kudos to him).
Anyway, consider that blindly using nzb's to d/l things is rather like, as I think 'omgwtfbbq' pointed out, is rather like sitting in 1991 (the year I got on the internet and usenet), and blindly opening every email attachment without regard.
One can either be pro-active, or post-active. Pro-active means using a decent 'up front' email scanner like 'Mailwasher' to manually/semi-automatically scan all your incoming mail BEFORE actually letting it into your mail program. Post-Active means buying tons of programs from Symatantic and letting them deal with all the junk AFTER it's infected your machine.
Obviously, Pro-Active is MUCH better. Now, when you let that nzb file 'take over' your newsreader, it of course goes to work, downloading away. The bit that may be inserted somewhere in the file will probably not be obvious, but then you're going to un-rar the thing, and in that operation, it may cause problems. It's the same as in d/l'ing that email attachment. I don't do any unraring EXCEPT on a machine that's really 'locked down', and YES, I have gotten viruses from RAR archives. In the past; but now, I scan all nzb's in advance ('Pro-Active') and haven't for a long long time.
But in scanning the nzb, it does show a bit of 'extra info' in advance. Was the par set generated at the time the rar was, or some days later? Is there any other things that don't 'look right'? Was the nzb 'made up' by a third party, or by the original poster? All valid questions.
Now I'm not saying I'm paranoid, but then again, I'm not going to forgo 'reasonable' precautions. Simply taking a quick look and seeing if anything looks strange, is reasonable.
Re: Caution downloading NZBs?
I always open EVERYTHING I download in a virtual machine and then scan with kaspersky and NOD32. If they find ANYTHING, I delete the files. Just can't risk that it might be a false positive.
Re: Caution downloading NZBs?
Quote:
Originally Posted by
mbucari1
I always open EVERYTHING I download in a virtual machine and then scan with kaspersky and NOD32. If they find ANYTHING, I delete the files. Just can't risk that it might be a false positive.
what the.. haha
Re: Caution downloading NZBs?
Just search for the files yourself on newzleech/binsearch, problem solved.
Re: Caution downloading NZBs?
NZB's are just XML. No executable code in there.
Re: Caution downloading NZBs?
Quote:
Originally Posted by
mbucari1
I always open EVERYTHING I download in a virtual machine and then scan with kaspersky and NOD32. If they find ANYTHING, I delete the files. Just can't risk that it might be a false positive.
What for? :blink:
Re: Caution downloading NZBs?
There's no executable code in it.
If there was, it couldn't be executed anyway unless renamed to .exe.
The only way something malicious could be put in is if some newsreader had a bug/security flaw with reading the xml. Example: some specific piece of text was to make newsleecher, or some other reader, freeze.
Not too likely.
It's possible for a nzb file to be mislabeled though. You could download something that says Shrek 3 and it end up being porn for example.
That's not really a big deal though...
