[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)

Paul Kosinski clamav-users at iment.com
Tue Jul 10 11:26:52 EDT 2018


Last night our new method of getting cvd updates showed that it was
*one hour* from the time the DNS TXT record claimed a new cvd was
available to the time when our quick curl said it was really available!

In particular at 1:03 AM (EDT), DNS said version 24739 was available,
but a curl of the first few bytes of the cvd file said it was still at
version 24738. It wasn't until 2:03 AM that curl reported that version
24739 was really available for download.

Log file excerpt follows. (Comment lines beginning '#' added be me.)


------------------------------  Tuesday 10 July 2018 at 00:48:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  DNS  D 24738/24738  B 324/324  M 58/58

#           ^^^^^ ^^^^^
#           DNS   local

------------------------------  Tuesday 10 July 2018 at 01:03:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58

#           ^^^^^ ^^^^^ ^^^^^
#           curl  DNS   local

------------------------------  Tuesday 10 July 2018 at 01:18:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58


------------------------------  Tuesday 10 July 2018 at 01:33:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58


------------------------------  Tuesday 10 July 2018 at 01:48:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58


------------------------------  Tuesday 10 July 2018 at 02:03:01  ------------------------------

/opt/clamav/bin/testclam-external
-->  UPD  D 24739/24739/24738  B 324/324/324  M 58/58/58

#           ^^^^^ ^^^^^ ^^^^^
#           curl  DNS   local

removed `/opt/clamav/share/clamav/mirrors.dat'
/opt/clamav/bin/freshclam -v --stdout --on-update-execute=EXIT_1
Current working dir is /opt/clamav.d/clamav.0.100.0/share/clamav
Max retries == 1
ClamAV update process started at Tue Jul 10 02:03:03 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1798
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
daily.cvd version from DNS: 24739
Retrieving http://database.clamav.net/daily.cvd
Using ip '10.11.14.160' for fetching.
Trying to download http://database.clamav.net/daily.cvd (IP: 104.16.189.138)
Downloading daily.cvd [100%]
Loading signatures from daily.cvd
Properly loaded 2008906 signatures from new daily.cvd
daily.cvd updated (version: 24739, sigs: 2008906, f-level: 63, builder: neo)
Querying daily.24739.91.1.0.6810BD8A.ping.clamav.net
bytecode.cvd version from DNS: 324
bytecode.cvd is up to date (version: 324, sigs: 89, f-level: 63, builder: neo)
Database updated (6575244 signatures) from database.clamav.net (IP: 104.16.189.138)
OnUpdateExecute: EXIT_1

------------------------------  Tuesday 10 July 2018 at 02:03:17  ------------------------------


More information about the clamav-users mailing list