[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)
Christopher X. Candreva
chris at westnet.com
Tue Jul 3 13:36:22 EDT 2018
For everyone (or maybe the one) asking why the DNS system exists, as the
person who came up with the idea in the first place (or the idea of stealing
it from the DNSbls ) I thought I would provide a link to the original
discussion in which is was hashed out ( beaten to death) back in 2004:
I thought the math was in this thread, but at some point the actual savings
of being able to check for a new version with a UDP packet over a TCP/http
HEAD command was calculated, and it was a significant amount of transfer,
expensive at the time.
I have to admit I've wondered if Cloudflare and the other CDN's meant it
outlived it's usefullness, but it's a contribution I'm fairly proud of.
On Tue, 3 Jul 2018, Joel Esler (jesler) wrote:
> On Jul 2, 2018, at 1:17 PM, Reindl Harald
> <h.reindl at thelounge.net> wrote:
> on a typical setup freshclam is running once or twice *daily* while a
> webserver these days can spit out the same small static txt file many
> thousands of times per seond with zero load
> That is not the results we are seeing. There are a LARGE amount of people
> that check for updates once or twice a day, yes. However, we have hundreds
> of thousands of people that check for updates hundreds of times a day. We
> haven't started concentrating on these people yet (our biggest offender is
> one IP that checks 100,000+ times a day), but clearly that's excessive. We
> publish approx 5-6 times a day. So, let's say you check 50 times a day....
> Clearly, that's enough.
> Joel Esler
> Sr. Manager
> Open Source, Design, Web, and Education
> Talos Group
Chris Candreva -- chris at westnet.com -- http://www.westnet.com/~chris
More information about the clamav-users