[clamav-users] ClamAV Database update issue

Joel Esler (jesler) jesler at cisco.com
Fri Jul 24 14:37:59 UTC 2020 

Did sustain a DDoS last night, Cloudflare kicked in it’s anti-DDoS work that it does, but we’ve served about 6TB of update traffic in the past 30 minutes, so we should be good now.

-- 
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com | https://www.snort.org

> On Jul 24, 2020, at 9:57 AM, Sudhir Kumar Maharjan <skmaharjan at deerwalk.com> wrote:
> 
> I am able to update now. 
> Thanks Eric and Joel.
> --
> SUDHIR KUMAR MAHARJAN
> Associate IT Manager
> Deerwalk Services Pvt. Ltd.
> p:	+977-1-4485429  m: +977-9851151176
> a:	Sifal | Kathmandu | Nepal
> w:	www.deerwalk.com <https://www.deerwalk.com/>  e: skmaharjan at deerwalk.com <mailto:skmaharjan at deerwalk.com>
>  <https://www.deerwalk.com/>
> LinkedIn <https://www.linkedin.com/company/deerwalk-inc/> | Twitter <https://twitter.com/deerwalkinc> | Facebook <https://www.facebook.com/Deerwalk> | YouTube <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA>
> 
> On Fri, Jul 24, 2020 at 7:32 PM Sudhir Kumar Maharjan <skmaharjan at deerwalk.com <mailto:skmaharjan at deerwalk.com>> wrote:
> I will try again and let you know.
> --
> SUDHIR KUMAR MAHARJAN
> Associate IT Manager
> Deerwalk Services Pvt. Ltd.
> p:	+977-1-4485429  m: +977-9851151176
> a:	Sifal | Kathmandu | Nepal
> w:	www.deerwalk.com <https://www.deerwalk.com/>  e: skmaharjan at deerwalk.com <mailto:skmaharjan at deerwalk.com>
>  <https://www.deerwalk.com/>
> LinkedIn <https://www.linkedin.com/company/deerwalk-inc/> | Twitter <https://twitter.com/deerwalkinc> | Facebook <https://www.facebook.com/Deerwalk> | YouTube <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA>
> 
> On Fri, Jul 24, 2020 at 7:31 PM Eric Tykwinski <eric-list at truenet.com <mailto:eric-list at truenet.com>> wrote:
> Honestly,  It could be like Joel said…
> 
>  
> 
> Here’s what I’m seeing in some locations currently:
> 
> Fri Jul 24 09:18:02 2020 -> main database available for download (remote version: 59)
> 
> Fri Jul 24 09:18:03 2020 -> ^downloadFile: Unexpected response (525) from https://database.clamav.net/main.cvd <https://database.clamav.net/main.cvd>
> Fri Jul 24 09:18:03 2020 -> ^getcvd: Can't download main.cvd from https://database.clamav.net/main.cvd <https://database.clamav.net/main.cvd>
> Fri Jul 24 09:18:03 2020 -> Trying again in 5 secs...
> 
> Fri Jul 24 09:18:08 2020 -> main database available for download (remote version: 59)
> 
> Time: 1477.2s, ETA: 2686.8s [==========>                   ] 39.87MiB/112.40MiB
> 
>  
> 
> Bad luck could get multiple 5xx errors and fail out.
> 
>  
> 
> From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net <mailto:clamav-users-bounces at lists.clamav.net>] On Behalf Of Sudhir Kumar Maharjan
> Sent: Friday, July 24, 2020 9:40 AM
> To: ClamAV users ML
> Subject: Re: [clamav-users] ClamAV Database update issue
> 
>  
> 
> Hi Eric,
> 
>  
> 
> Thanks for your reply but the ip posted here belongs to San Francisco will Issue in LA cause issue in San Francisco as well?
> 
> I find this little strange.
> 
>  
> 
> Thanks,
> 
> --
> 
> SUDHIR KUMAR MAHARJAN
> 
> Associate IT Manager
> 
> Deerwalk Services Pvt. Ltd.
> 
> p:
> 
> +977-1-4485429  m: +977-9851151176
> 
> a:
> 
> Sifal | Kathmandu | Nepal
> 
> w:
> 
> www.deerwalk.com <https://www.deerwalk.com/>  e: skmaharjan at deerwalk.com <mailto:skmaharjan at deerwalk.com>
>  <https://www.deerwalk.com/>
> LinkedIn <https://www.linkedin.com/company/deerwalk-inc/> | Twitter <https://twitter.com/deerwalkinc> | Facebook <https://www.facebook.com/Deerwalk> | YouTube <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA>
>  
> 
>  
> 
> On Fri, Jul 24, 2020 at 7:07 PM Eric Tykwinski <eric-list at truenet.com <mailto:eric-list at truenet.com>> wrote:
> 
> Check out CloudFlare status: https://www.cloudflarestatus.com/ <https://www.cloudflarestatus.com/>
>  
> 
> If you are in the LA area, that could be a cause…
> 
>  
> 
> Sincerely,
> 
>  
> 
> Eric Tykwinski
> 
> TrueNet, Inc.
> 
> P: 610-429-8300
> 
>  
> 
>  
> 
>  
> 
> From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net <mailto:clamav-users-bounces at lists.clamav.net>] On Behalf Of Sudhir Kumar Maharjan
> Sent: Friday, July 24, 2020 9:09 AM
> To: clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>
> Subject: [clamav-users] ClamAV Database update issue
> 
>  
> 
> Hello All,
> 
>  
> 
> We are using ClamAV for long time and today suddenly it is failing to update the Virus Signature Database with the error " "WARNING: getfile: Error while reading database from database.clamav.net <http://database.clamav.net/> (IP: 104.16.218.84)"." Is there any changes to the database server or is it down. We have checked the firewall setting and it is open for clamav.
> 
>  
> 
> I have attached the screenshot as well.
> 
>  
> 
> Please let me know how to resolve this issue.
> 
>  
> 
> Thanks,
> 
> --
> 
> SUDHIR KUMAR MAHARJAN
> 
> Associate IT Manager
> 
> Deerwalk Services Pvt. Ltd.
> 
> p:
> 
> +977-1-4485429  m: +977-9851151176
> 
> a:
> 
> Sifal | Kathmandu | Nepal
> 
> w:
> 
> www.deerwalk.com <https://www.deerwalk.com/>  e: skmaharjan at deerwalk.com <mailto:skmaharjan at deerwalk.com>
>  <https://www.deerwalk.com/>
> LinkedIn <https://www.linkedin.com/company/deerwalk-inc/> | Twitter <https://twitter.com/deerwalkinc> | Facebook <https://www.facebook.com/Deerwalk> | YouTube <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA>
>  
> 
> DISCLAIMER:
> This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized use or disclosure is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. IRS CIRCULAR 230 DISCLOSURE: Any U.S. tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.(FR08-i203d)
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>
> https://lists.clamav.net/mailman/listinfo/clamav-users <https://lists.clamav.net/mailman/listinfo/clamav-users>
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq <https://github.com/vrtadmin/clamav-faq>
> 
> http://www.clamav.net/contact.html#ml <http://www.clamav.net/contact.html#ml>
> 
> 
> DISCLAIMER:
> This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized use or disclosure is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. IRS CIRCULAR 230 DISCLOSURE: Any U.S. tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.(FR08-i203d)
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>
> https://lists.clamav.net/mailman/listinfo/clamav-users <https://lists.clamav.net/mailman/listinfo/clamav-users>
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq <https://github.com/vrtadmin/clamav-faq>
> 
> http://www.clamav.net/contact.html#ml <http://www.clamav.net/contact.html#ml>
> 
> DISCLAIMER:
> This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized use or disclosure is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. IRS CIRCULAR 230 DISCLOSURE: Any U.S. tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.(FR08-i203d)
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20200724/84273732/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3010 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20200724/84273732/attachment.bin>

More information about the clamav-users mailing list