Daniel J McDonald wrote:

> That's one of the things that seems to be driving the size of
> daily.cvd up - updating main.cvd entails a massive
> distribution of files to the world.

Current main.cvd  = 1103636 bytes, last updated on July 8
Current daily.cvd = 156470 bytes

A bit of mental arithmetic suggests that daily.cvd grows by about 5KB per
day.

A few sums in my head suggest that total download savings in a month if
main.cvd was updated fortnightly would be around 200KB (circa 3100KB
total download instead of 3300KB), a virtually insignificant difference.
 
> Perhaps a tiered approach to the update files, with main.cvd,
> monthly.cvd, weekly.cvd, daily.cvd, and hot.cvd

> The advantage there is that the really big update could be
> distributed very seldom - perhaps only with new code (the
> code generally has to be upgraded every few months to deal
> with a new threat anyway).

Big updates often remove false positives, improve detections of existing
viruses, so might still need monthly (or more frequent) updating.
 
> If you had overlapping signatures between the files, you
> could add a fuzzy-factor into freshclam that it might not
> bring down the latest weekly/monthly if the other files
> overlap completely.  That would distribute the load on the
> freshclam servers for the larger updates, and there would
> just be the very small daily.cvd (and perhaps hot.cvd) downloads.

If we could use incremental (or, more correctly, differential) updates
which effectively create a new main.cvd then we could have a large
reduction in the load on the download servers.  However, we then have
the problem of ensuring that main.cvd remains consistent.

> I like the idea of using DNS to signal the change - maybe
> just for hot.cvd.  So, whenever a major virus breakout
> occurs, the new sig would be added to hot.cvd  and the DNS
> TXT record changed.  10,000 users pulling down a 2-3K file is
> not terribly hard for a server with decent bandwidth

I've known DNS servers to completely ignore TTL figures and cache stuff
which should have expired, so this might not be reliable.

Cheers,

Phil
----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

