OK, here's my pitch I like the DNS idea as a way to push out just the version number of the update. This "pattern serial number" would be the current version of the CVD file.
A record like this in tinydns: 'dbversion.clamav.net:447:600 would create a DNS TXT record for "dbversion.clamav.net" with a value of "447" with a TTL of 600 sec (10 minutes). I see no point in any more information being recorded. If freshclam were to initially do that DNS lookup, it could afford to look every 10 minutes instead of hourly, and would dramatically cut down on the amount of HTTP (or any other TCP) transactions required. I think all the comments about using SMTP or NNTP suffer the same problem as HTTP - they are no where near as fast or as natively "multicast" as DNS is - oh yeah - and it's UDP too. DNS natively "shares the load", whereas all other "load sharing" solutions would have to be created. So I'd envisage freshclam doing the DNS lookup, and if the "pattern number" TXT record returned is *different* (not smaller! DNS cache poisoning can affect this solution, so just choose DIFFERENT) than the current "pattern number", then it should check for an update. This has the advantage that it could just be a new bit of code added in front of the existing freshclam code. The TTL > 0 allows you to even cut down the load on the primary DNS servers. The ClamAV team should make a "policy" saying people aren't allowed to check for updates more often than every "TTL" seconds and this within freshclam would enforce it. Just my 2c worth -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
