[clamav-users] Freshclam Question
Steve Basford
steveb_clamav at sanesecurity.com
Tue Jun 30 13:13:15 UTC 2015
On Tue, June 30, 2015 1:57 pm, Nixon, R A (AL) CIV USARMY SEC (US) wrote:
>
> My organization has been using Freshcalm to update virus definitions for
> a number of years. We are United States based and set the database mirror
> accordingly. In the past month we have notice that the Database mirror
> used is now connecting us to a mirror in Russia. Within the last week our
> cyber team has had to block the Russia IP because it is now attempting to
> probe our network. Is there any way to setup the Freshclam mirror
> database to only attempt connections to US based mirrors?
if you are using (US code), eg:
db.us.clamav.net
There as some non-US IPs contained, mainly...
128.199.133.36 - Asia - Singapore
150.214.142.197 - Europe - Spain
194.186.47.19 - Europe - Russian Federation
194.8.197.22 - Europe - Germany
78.46.84.244 - Europe - Germany
Not sure why, other than perhaps US code needs a lot of mirrors, so
some have been placed outside US.
One for the team I think to answer.
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
More information about the clamav-users
mailing list