Rick Macdougall wrote:
> Tomasz Kojm wrote:
>
>> On Fri, 30 Jan 2004 20:21:12 -0500
>> Rick Macdougall <[EMAIL PROTECTED]> wrote:
>>
>>
>>>I'm willing to work on something like that. I've got a few really
>>>busy servers and a few not so busy servers. You thinking of a C
>>>program or perl (or what ever)?
>>
>>
>> Perl should be just fine. Do you have some idea for such a script ?
>
> Perl's great. Just basic ideas now, thinking about what would need to
> be stored, how to build in a trust system etc. I'll let it percolate
> through my brain over the day and see what I come up with.
I see three challenges here:
1.) Trust System
2.) Detail, visualization, and mapping
3.) Data storage
1.) The Trust System would be most important, IMO. If we could develop a trust
system that is secure enough then we could create a ClamAV registry site and
ANYONE could sign up and provide statistics to be processed and stored on the
central server.
If we can't think of a good way to make it secure, then we'd have to find
some way to screen candidates. Money maybe? That's how SSL certs work. :)
This *is* open source, after all. And I'd hate to see our statistics mangled
by a few bad hackers.
I think that if we can manage to get this right in the beginning then we
will be free to persue the remaining two problems.
2.) A project like this could be very simple or VERY complex. We can be as detailed
as we want: Mapping nations, states, citites, trunk lines across the world,
networks, etc... Or just providing statistics by geographic region or something
else.
3.) Data storage. I would think that someone relatively familiar with MRTG would
really help us out here. I've heard that MRTG stores a lot of data in a very
fast/compressed manner. We could brute force it at first, but we'll probably
want to tackle this eventually and make it as efficient as possible.
Other issues I see here are the kinds of data stored. Time should definately
be included, as well as separate data structures for each virus definition.
This way we can pick a date and time, then query for a virus name and display
how many vuruses of that type were being caught per minute or per hour in a
particular geographic region or (ideally) state/country.
Of course, I wrote the above thinking of a client/server solution, but a sort of
ad-hoc computer-computer network might work too. That would certainly change the trust
system a good bit. Hmmm... something to think about.
I'd love to be a tester for this.
--
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
