[clamav-users] Problem with BE db
Joel Esler (jesler)
jesler at cisco.com
Mon Nov 12 19:11:49 UTC 2018
Awesome. This was my fault. Thank one of my team members for fixing my screw up.
--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com
> On Nov 12, 2018, at 1:51 PM, Pierre Dehaen <dehaenp at drever.be> wrote:
>
> Yes,
>
> # vi /etc/opt/csw/freshclam.conf
> ==> restore config to db.be.clamav.net
> # freshclam --update-db=daily --stdout
> ClamAV update process started at Mon Nov 12 19:46:46 2018
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.100.0 Recommended version: 0.100.2
> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
> daily.cld is up to date (version: 25114, sigs: 2149227, f-level: 63, builder: neo)
>
> It looks like it works now. I even tried:
>
> # wget http://db.be.clamav.net/daily.cvd
> converted 'http://db.be.clamav.net/daily.cvd' (646) -> 'http://db.be.clamav.net/daily.cvd' (UTF-
> 8)
> --2018-11-12 19:49:27-- http://db.be.clamav.net/daily.cvd
> Resolving db.be.clamav.net (db.be.clamav.net)... 104.16.185.138, 104.16.187.138,
> 104.16.188.138, ...
> Connecting to db.be.clamav.net (db.be.clamav.net)|104.16.185.138|:80... connected.
> HTTP request sent, awaiting response... 200 OK
>
> Thank you very much,
> Pierre
>
> On 12 Nov 2018 at 18:12, Joel Esler (jesler) wrote:
>
> Can you try now?
>
>> On Nov 12, 2018, at 12:31 PM, Pierre Dehaen <dehaenp at drever.be> wrote:
>>
>> Hi Joel,
>>
>> # freshclam --version
>> ClamAV 0.100.0/25114/Mon Nov 12 15:08:04 2018
>>
>> It's running on Solaris 11... I see now that 0.100.2 is available on opencsw, I'll try to upgrade
>> soon.
>>
>> Thanks,
>> Pierre
>>
>> On 12 Nov 2018 at 16:41, Joel Esler (jesler) wrote:
>>
>> Okay, so a couple things.
>>
>> Wget probably isn't going to work in the manner you expect. Which is why you got the 530
>> response.
>>
>> What version of freshclam are you using?
>>
>>> On Nov 11, 2018, at 11:18 AM, Pierre Dehaen <dehaenp at drever.be> wrote:
>>>
>>> Hi,
>>>
>>> It seems the db.be.clamav.net does not work any more since Nov 9th. I tried to delete the
>>> mirrors.dat but no way, I still get:
>>>
>>> # freshclam --update-db=daily --stdout
>>> ...
>>> daily.cvd version from DNS: 25111
>>> Retrieving http://db.be.clamav.net/daily-25104.cdiff
>>> Trying to download http://db.be.clamav.net/daily-25104.cdiff (IP: 104.16.187.138)
>>> WARNING: getfile: Unknown response from db.be.clamav.net (IP: 104.16.187.138)
>>> WARNING: getpatch: Can't download daily-25104.cdiff from db.be.clamav.net
>>> Querying daily.25104.91.0.0.6810BB8A.ping.clamav.net
>>> Retrieving http://db.be.clamav.net/daily-25104.cdiff
>>> Trying to download http://db.be.clamav.net/daily-25104.cdiff (IP: 104.16.185.138)
>>> WARNING: getfile: Unknown response from db.be.clamav.net (IP: 104.16.185.138)
>>> WARNING: getpatch: Can't download daily-25104.cdiff from db.be.clamav.net
>>> Querying daily.25104.91.0.0.6810B98A.ping.clamav.net
>>> ...
>>>
>>> # wget http://db.be.clamav.net/daily.cvd
>>> converted 'http://db.be.clamav.net/daily.cvd' (646) -> 'http://db.be.clamav.net/daily.cvd'
> (UTF-
>>> 8)
>>> --2018-11-11 17:03:08-- http://db.be.clamav.net/daily.cvd
>>> Resolving db.be.clamav.net (db.be.clamav.net)... 104.16.188.138, 104.16.189.138,
>>> 104.16.187.138, ...
>>> Connecting to db.be.clamav.net (db.be.clamav.net)|104.16.188.138|:80... connected.
>>> HTTP request sent, awaiting response... 530
>>> 2018-11-11 17:03:08 ERROR 530: (no description).
>>>
>>> The (temporary?) solution is to:
>>>
>>> # vi .../freshclam.conf
>>> => replace db.be.clamav.net by db.de.clamav.net (for instance)
>>>
>>> # rm ...clamav/db/mirrors.dat
>>>
>>> # freshclam --update-db=daily --stdout
>>> ClamAV update process started at Sun Nov 11 17:04:02 2018
>>> WARNING: Your ClamAV installation is OUTDATED!
>>> WARNING: Local version: 0.100.0 Recommended version: 0.100.2
>>> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>>> Downloading daily-25104.cdiff [100%]
>>> Downloading daily-25105.cdiff [100%]
>>> Downloading daily-25106.cdiff [100%]
>>> Downloading daily-25107.cdiff [100%]
>>> Downloading daily-25108.cdiff [100%]
>>> Downloading daily-25109.cdiff [100%]
>>> Downloading daily-25110.cdiff [100%]
>>> Downloading daily-25111.cdiff [100%]
>>> daily.cld updated (version: 25111, sigs: 2148413, f-level: 63, builder: neo)
>>> Database updated (2148413 signatures) from db.de.clamav.net (IP: 104.16.187.138)
>>> Clamd successfully notified about the update.
>>>
>>> Thanks
>>> Pierre
>>> _______________________________________________
>>> clamav-users mailing list
>>> clamav-users at lists.clamav.net
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>>
>>>
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list