Gervase wanted us to know:

>> if you do a 'dig database.clamav.net' or a 'host database.clamav.net', do
>> you get useful answers? 
>No.  Both merely say:
>"truncated, retrying in TCP mode,
>timed out -no servers could be reached".

tcpdump -n -p port 53 > dig.cap 2>&1

What do you see?

Here's what mine looked like, first for database.clamav.net, then for
www.google.com:

[EMAIL PROTECTED] root]# tcpdump -n -p port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
11:31:02.817289 IP 192.168.100.166.34874 > 192.168.100.10.53:  11836+ A? database.clamav.net. (37)
11:31:02.998761 IP 192.168.100.10.53 > 192.168.100.166.34874:  11836* 16/5/3 CNAME[|domain]
11:31:43.329141 IP 192.168.100.166.34874 > 192.168.100.10.53:  18598+ A? www.google.com. (32)
11:31:43.400447 IP 192.168.100.10.53 > 192.168.100.166.34874:  18598 4/9/9[|domain]

Here's the same thing using tethereal instead of tcpdump:

[EMAIL PROTECTED] root]# tethereal -n -p port 53
Capturing on eth0
  0.000000 192.168.100.166 -> 192.168.100.10 DNS Standard query A database.clamav.net
  0.166413 192.168.100.10 -> 192.168.100.166 DNS Standard query response CNAME db.local.clamav.net CNAME db.america.clamav.net A 199.239.233.95 A 209.8.40.140 A 209.94.36.5 A 24.73.112.74 A 38.136.139.7 A 64.18.103.6 A 64.69.64.158 A 64.246.44.108 A 65.75.154.69 A 65.77.42.207 A 66.139.75.171 A 69.93.108.98 A 128.121.60.235 A 196.40.71.226
  5.793668 192.168.100.166 -> 192.168.100.10 DNS Standard query A www.google.com
  5.794506 192.168.100.10 -> 192.168.100.166 DNS Standard query response CNAME www.google.akadns.net A 216.239.57.147 A 216.239.57.99 A 216.239.57.104

I don't think that tethereal's output is very useful in this case.
-- 
Regards...              Todd
They that can give up essential liberty to obtain a little temporary 
safety deserve neither liberty nor safety.       --Benjamin Franklin
Linux kernel 2.6.3-8mdkenterprise   1 user,  load average: 0.03, 0.05, 0.05
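
Added example, not part of the original message: dig prints "truncated, retrying in TCP mode" when a UDP response arrives with the TC bit set, so the sketch below decodes the 12-byte DNS header to show that bit, and builds the two A queries from the capture, whose sizes match the (37) and (32) in the tcpdump lines. The function names and the two sample headers are constructed for illustration, not captured traffic.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080

def build_query(name, qid, rd=True):
    """Encode a minimal A/IN query as sent over UDP port 53."""
    header = struct.pack("!HHHHHH", qid, RD if rd else 0, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(msg):
    """Decode the fixed 12-byte header found at the start of any DNS message."""
    if len(msg) < 12:
        raise ValueError("short DNS message: %d bytes" % len(msg))
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "response": bool(flags & QR), "aa": bool(flags & AA),
            "tc": bool(flags & TC), "rd": bool(flags & RD),
            "ra": bool(flags & RA), "rcode": flags & 0x000F,
            "counts": (an, ns, ar)}  # answer/authority/additional, as tcpdump prints

def needs_tcp_retry(msg):
    """True when a response has TC set: the client must re-ask over TCP port 53.
    If TCP/53 is filtered, that retry is the step that times out."""
    h = parse_header(msg)
    return h["response"] and h["tc"]

# Constructed sample headers (not taken from the capture above).
SAMPLE_TRUNCATED = struct.pack("!HHHHHH", 11836, QR | AA | TC | RD | RA, 1, 0, 0, 0)
SAMPLE_COMPLETE = struct.pack("!HHHHHH", 18598, QR | RD | RA, 1, 4, 9, 9)

if __name__ == "__main__":
    for name, qid in (("database.clamav.net", 11836), ("www.google.com", 18598)):
        print(name, "query size:", len(build_query(name, qid)))
    for label, msg in (("truncated", SAMPLE_TRUNCATED), ("complete", SAMPLE_COMPLETE)):
        print(label, parse_header(msg), "retry over TCP:", needs_tcp_retry(msg))
```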

