On Wed, 11 Aug 2004, Lionel Bouton wrote: > Since some time I am thinking of a bittorrent approach too. Bittorrent > is quite efficient at distributing files and there are implementations > allowing multiple trackers to distribute the remaining server-side load.
Please take this as a question rather than a criticism of the approach: My experience with bittorrent has been with downloading huge things, like Fedora. It tends to start up really slowly (since it has to find peers) and then speed up. But the speedup doesn't occur until several megs have been downloaded. If we're only sending a 1-meg main.cvd, then wouldn't bittorrent lose its advantage to all the overhead of finding peers? With regard to all the other ideas: Please remember to keep this *simple*. Here's where I, IMHO, think we stand: Opening a new port on a mailserver so updates can be pushed to it is a BAD idea. As a sysadmin, I would not allow such a thing on my production machines. It creates a huge security risk, since now you have one more opening to a remote root vulnerability. The idea of DNS sounds really good, but it doesn't appear we can fit all the data there. And putting just a version number there appears to make things worse, since it will just make everyone hit the mirrors at the same time. If we can somehow distribute signatures that way it would be nice, but it just doesn't seem practical. I'm really starting to like the idea of a mailing list that can have dedicated (and random for each site) subscription addresses and pipe the list straight into "sigtool --add". It means we'd have to find someone to host the list, but that's probably no more difficult than finding someone to host a mirror. Presumably there could even be multiple "mirrors" sending the list, to improve speed (taking an idea from spammers who use open relays to do the hard part). One thing to add to the mailing list approach: there needs to be some sort of "heartbeat" or "dead man's switch" -- a way to know that the mailing list is functional, but there are no needed updates, rather than that the mailing list has broken. I suppose this might be a use for that latest-db-version.clamav.net idea. Damian Menscher -- -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
