How can it take 10, 20 30 or more minutes (and I've seen well over an hour at times) to upload the ClamAV database to Cloudflare? Does it have to be uploaded separately (and maybe sequentially) from Cisco to each Cloudflare mirror? Or is Cloudflare's automatic propagation slow?
On Thu, 18 Oct 2018 16:07:38 +0000 "Micah Snyder (micasnyd)" <micas...@cisco.com> wrote: > Hi Paul, > > I realize it may look misleading to state that you're up to date when > a newer database has been announced. However, if the newer database > is still being uploaded to the CDN, it is more accurate to say that > the DNS announcement is premature. > > The change to freshclam is an effort to ignore potentially premature > database version numbers listed via DNS. > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > > > On Oct 15, 2018, at 2:26 PM, Paul Kosinski > <clamav-us...@iment.com<mailto:clamav-us...@iment.com>> wrote: > > I don't have time at the present to try out 0.100.2. I am rebuilding > our Web server, which had a disk crash. We have backups, but we need > whole new hardware since the old server had an old 32-bit-only CPU. > Thus a *supported* Linux version will not run, and so a simple disk > replacement was not a viable option. (Unfortunately the new server, > although only a VM, still costs almost 50% more per month than the old > raw hardware, which was adequate, if clunky.) > > Back to ClamAV: I don't much like the idea of saying signatures are > "up to date" if only 1 version behind the latest version. Most of the > time that won't matter, but sometimes a really urgent new signature > comes out and this approach could mislead people into a false sense of > security. > > > > On Thu, 4 Oct 2018 22:27:14 +0000 > "Micah Snyder (micasnyd)" > <micas...@cisco.com<mailto:micas...@cisco.com>> wrote: > > Hi Paul, > > Thanks for the update. > > I am interested to know how freshclam in ClamAV 0.100.2 performs for > you. I have made some tweaks to make it ignore mirrors for less > time, but more importantly I implemented a change to have it report > "up to date" in the event that the signature version provided by the > mirror is 1 behind what was advertised. My hope is that this > alleviates the issue. > > Respectfully, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > > > On Oct 4, 2018, at 4:47 PM, Paul Kosinski > <clamav-us...@iment.com<mailto:clamav-us...@iment.com><mailto:clamav-us...@iment.com>> > wrote: > > At Joel's suggestion, i have changed our sampling rate looking for > ClamAV cvd updates from 15 minutes down to 1 minute. This gives a > more precise measurement of how long it takes for the cvd file(s) to > actually become available from Cloudflare after its presence is > "advertised" by the CNS TXT record. > > Since these measurements are mainly useful for tuning the ClamAV > servers, I won't in the future post them to clamav-users unless > others besides the ClamAV team find them useful. (Maybe they should > go to the clamav-developers list?) > > In any case, here is the latest log of delays. Note that these more > precisely measured delays are not explained as mere 15-minute > quantization errors. > > 2018-10-02 09:18:02 No delay > 2018-10-02 17:18:02 No delay > 2018-10-03 01:31:02 00:13:00 delay > 2018-10-03 09:42:02 00:24:00 delay > 2018-10-03 17:52:02 00:33:59 delay > 2018-10-04 01:18:02 No delay > 2018-10-04 09:40:01 00:21:59 delay > _______________________________________________ > clamav-users mailing list > firstname.lastname@example.org<mailto:email@example.com><mailto:firstname.lastname@example.org> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users _______________________________________________ clamav-users mailing list email@example.com http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml