[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)
Scott.Packard at raytheon.com
Tue Jul 3 14:11:59 EDT 2018
The current DNS TXT does not work within my company, as a firewall fully blocks things, including DNS.
(as an aside, curl works, with sufficient massaging, but wget cannot, as it does not have an option to work with a proxy).
I rely on someone in Arizona to pull definitions from, but sometimes their server goes out, other times clamav's content system breaks,
and it's a pain to figure out which one is the culprit.
> -----Original Message-----
> From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net] On Behalf Of Christopher X. Candreva
> Sent: Tuesday, July 03, 2018 10:36 AM
> To: ClamAV users ML <clamav-users at lists.clamav.net>
> Subject: [External] Re: [clamav-users] We STILL cannot reliably get virus updates (since new mirrors)
> For everyone (or maybe the one) asking why the DNS system exists, as the
> person who came up with the idea in the first place (or the idea of stealing
> it from the DNSbls ) I thought I would provide a link to the original
> discussion in which is was hashed out ( beaten to death) back in 2004:
> I thought the math was in this thread, but at some point the actual savings
> of being able to check for a new version with a UDP packet over a TCP/http
> HEAD command was calculated, and it was a significant amount of transfer,
> expensive at the time.
> I have to admit I've wondered if Cloudflare and the other CDN's meant it
> outlived it's usefullness, but it's a contribution I'm fairly proud of.
> On Tue, 3 Jul 2018, Joel Esler (jesler) wrote:
> > On Jul 2, 2018, at 1:17 PM, Reindl Harald
> > <h.reindl at thelounge.net> wrote:
> > on a typical setup freshclam is running once or twice *daily* while a
> > webserver these days can spit out the same small static txt file many
> > thousands of times per seond with zero load
> > That is not the results we are seeing. There are a LARGE amount of people
> > that check for updates once or twice a day, yes. However, we have hundreds
> > of thousands of people that check for updates hundreds of times a day. We
> > haven't started concentrating on these people yet (our biggest offender is
> > one IP that checks 100,000+ times a day), but clearly that's excessive. We
> > publish approx 5-6 times a day. So, let's say you check 50 times a day....
> > Clearly, that's enough.
> > --
> > Joel Esler
> > Sr. Manager
> > Open Source, Design, Web, and Education
> > Talos Group
> > http://www.talosintelligence.com
> Chris Candreva -- chris at westnet.com -- http://www.westnet.com/~chris
> clamav-users mailing list
> clamav-users at lists.clamav.net
> Help us build a comprehensive ClamAV guide:
More information about the clamav-users