Description
Scope
Solution
The Internet Download Manager is just a multi-thread downloader. You can use Application Control signature "HTTP.Download.Accelerator" under category "web" or "General.Interest" ,Technology : "Browser-Based" to block the multi-thread download feature.
you may go to
UTM Security Profiles >Application Control >Application Sensor >Choose the Application Sensor that you want or create New >Create New >Specify Application >
>Applications : "HTTP.Download.Accelerator" >Settings : Block > OK
The signature HTTP.Download.Accelerator detects HTTP header "Range: bytes=xxx" which is used by many download tools to increase download speeds and resume downloads.
These tools usually create multiple threads and each thread downloads a part of the large file. So the total download speed is much faster than single thread download.
Internet Download Manager also uses this technique. Its first thread doesn't contain this header, but other threads contain it and can be blocked by our signature.
So using our signature, Internet Download Manager can only do single thread download just like directly using browser to download a file.
It means that its high-speed download feature doesn't work.
The Internet Download Manager has no characteristic that can be used to distinguish it from normal browser downloads. It is too difficult to write a signature to cover it. However, the multi threads downloading feature can be disabled.
Scope
FortiOS v5.0
Solution
The Internet Download Manager is just a multi-thread downloader. You can use Application Control signature "HTTP.Download.Accelerator" under category "web" or "General.Interest" ,Technology : "Browser-Based" to block the multi-thread download feature.
| -The program still works ,but it can't download with the multiple. |
| For v5.0 |
you may go to
UTM Security Profiles >Application Control >Application Sensor >Choose the Application Sensor that you want or create New >Create New >Specify Application >
>Applications : "HTTP.Download.Accelerator" >Settings : Block > OK
| For more information : |
The signature HTTP.Download.Accelerator detects HTTP header "Range: bytes=xxx" which is used by many download tools to increase download speeds and resume downloads.
These tools usually create multiple threads and each thread downloads a part of the large file. So the total download speed is much faster than single thread download.
Internet Download Manager also uses this technique. Its first thread doesn't contain this header, but other threads contain it and can be blocked by our signature.
So using our signature, Internet Download Manager can only do single thread download just like directly using browser to download a file.
It means that its high-speed download feature doesn't work.
