[clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

Joel Esler (jesler) jesler at cisco.com
Sat Dec 8 23:21:13 EST 2018


Not sure what you’re saying here.  Are you saying that the daily on the cache is out of date?

Sent from my  iPhone

> On Dec 8, 2018, at 20:30, Eric Tykwinski <eric-list at truenet.com> wrote:
> 
> J.R.
> 
> You are falling into the same trap I followed.  The txt record is:
> current.cvd.clamav.net.    1749    IN    TXT    "0.101.0:58:25189:1544315340:1:63:48210:327"
> 
> But host headers is what he’s looking at:
> telnet database.clamav.net 80
> Trying 104.16.185.138...
> Connected to database.clamav.net.cdn.cloudflare.net.
> Escape character is '^]'.
> GET /daily.cvd HTTP/1.1
> host: database.clamav.net
> 
> HTTP/1.1 200 OK
> Date: Sun, 09 Dec 2018 01:18:51 GMT
> Content-Type: application/octet-stream
> Content-Length: 53110330
> Connection: keep-alive
> Set-Cookie: __cfduid=ddc4d2ab2a13638c99a90bb14c12128971544318331; expires=Mon, 09-Dec-19 01:18:51 GMT; path=/; domain=.clamav.net; HttpOnly
> Last-Modified: Sat, 08 Dec 2018 18:18:00 GMT
> ETag: "5c0c0ad8-32a663a"
> Expires: Sun, 09 Dec 2018 05:05:51 GMT
> Cache-Control: public, max-age=13620
> CF-Cache-Status: HIT
> Accept-Ranges: bytes
> Server: cloudflare
> CF-RAY: 4863a3a9553bc5d2-EWR
> 
> ClamAV-VDB:08 Dec 2018 13-18 -0500:25189:2177974:63:2e2e28a4556e83e2df68c40fa61566d4:nWqDCF65xA9fMhiKYOtZhH8Up6lAHLrl6VyCrXRAXCB7aMf7WqSPrwMz/YHhdgKSNjxGiL8Z2ORQ2aPm23KwqwyJUpOZv94+soWx+NibPlKBPJ6/ZAt9Z5UrhgDbgz0IVQsHX998ZjBE6NY6xtqfzboOPNKyeFINLeAUL5hSpzj:neo:1544293134
> 
> So daily.cvd is being cached on cloudflare for the first update and you might need to be running a freshclam right after a new install since it’s out of date due to caching on cloudflare’s server.  
> 
> Sincerely,
> 
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
> 
>> On Dec 8, 2018, at 7:30 PM, J.R. <themadbeaker at gmail.com> wrote:
>> 
>> I've kind of been reading this thread about the delay at one location
>> vs the other.
>> 
>> Maybe I missed it, but I don't seem to recall which DNS servers you
>> were querying. I remember you saying the one location you were having
>> the issues was Comcast as the ISP, but were you always using the
>> Comcast DNS or did you try others like 1.1.1.1 or 8.8.8.8 ?
>> 
>> Or was the DNS saying there was a newer version but when you queried
>> cloudflare it was reporting differently?
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>> 
>> 
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> 
> 
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3010 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181209/3c1b63d4/attachment.bin>


More information about the clamav-users mailing list