[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)

Joel Esler (jesler) jesler at cisco.com
Tue Jul 10 18:11:46 EDT 2018


Thanks for this feedback everyone.  This is extremely useful.


> On Jul 10, 2018, at 11:26 AM, Paul Kosinski <clamav-users at iment.com> wrote:
> 
> Last night our new method of getting cvd updates showed that it was
> *one hour* from the time the DNS TXT record claimed a new cvd was
> available to the time when our quick curl said it was really available!
> 
> In particular at 1:03 AM (EDT), DNS said version 24739 was available,
> but a curl of the first few bytes of the cvd file said it was still at
> version 24738. It wasn't until 2:03 AM that curl reported that version
> 24739 was really available for download.
> 
> Log file excerpt follows. (Comment lines beginning '#' added be me.)
> 
> 
> ------------------------------  Tuesday 10 July 2018 at 00:48:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  DNS  D 24738/24738  B 324/324  M 58/58
> 
> #           ^^^^^ ^^^^^
> #           DNS   local
> 
> ------------------------------  Tuesday 10 July 2018 at 01:03:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58
> 
> #           ^^^^^ ^^^^^ ^^^^^
> #           curl  DNS   local
> 
> ------------------------------  Tuesday 10 July 2018 at 01:18:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58
> 
> 
> ------------------------------  Tuesday 10 July 2018 at 01:33:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58
> 
> 
> ------------------------------  Tuesday 10 July 2018 at 01:48:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  EXT  D 24738/24739/24738  B 324/324/324  M 58/58/58
> 
> 
> ------------------------------  Tuesday 10 July 2018 at 02:03:01  ------------------------------
> 
> /opt/clamav/bin/testclam-external
> -->  UPD  D 24739/24739/24738  B 324/324/324  M 58/58/58
> 
> #           ^^^^^ ^^^^^ ^^^^^
> #           curl  DNS   local
> 
> removed `/opt/clamav/share/clamav/mirrors.dat'
> /opt/clamav/bin/freshclam -v --stdout --on-update-execute=EXIT_1
> Current working dir is /opt/clamav.d/clamav.0.100.0/share/clamav
> Max retries == 1
> ClamAV update process started at Tue Jul 10 02:03:03 2018
> Using IPv6 aware code
> Querying current.cvd.clamav.net
> TTL: 1798
> Software version from DNS: 0.100.1
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.100.0 Recommended version: 0.100.1
> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
> main.cvd version from DNS: 58
> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
> daily.cvd version from DNS: 24739
> Retrieving http://database.clamav.net/daily.cvd
> Using ip '10.11.14.160' for fetching.
> Trying to download http://database.clamav.net/daily.cvd (IP: 104.16.189.138)
> Downloading daily.cvd [100%]
> Loading signatures from daily.cvd
> Properly loaded 2008906 signatures from new daily.cvd
> daily.cvd updated (version: 24739, sigs: 2008906, f-level: 63, builder: neo)
> Querying daily.24739.91.1.0.6810BD8A.ping.clamav.net
> bytecode.cvd version from DNS: 324
> bytecode.cvd is up to date (version: 324, sigs: 89, f-level: 63, builder: neo)
> Database updated (6575244 signatures) from database.clamav.net (IP: 104.16.189.138)
> OnUpdateExecute: EXIT_1
> 
> ------------------------------  Tuesday 10 July 2018 at 02:03:17  ------------------------------
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml




More information about the clamav-users mailing list