I am not understanding your point here. Where are you seeing an indication that the database had been updated at the time you wrote? The first indication of an update was an email announcing daily 23390 at 8:30am PDT, about four hours after you posted and almost 30 hours after the previous daily update. That would seem to indicate a problem or delay with updates, rather than a DNS Caching issue.
-Al- -- Al Varnell Mountain View, CA On May 16, 2017, at 4:33 AM, Andy Schmidt <andy_schm...@hm-software.com> wrote: > > The same problem had been "fixed" a few weeks ago: > > http://network-tools.com/nslook/Default.asp?domain=current.cvd.clamav.net > <http://network-tools.com/nslook/Default.asp?domain=current.cvd.clamav.net&t > ype=16&server=67.222.132.213&class=1&port=53&timeout=5000&go.x=12&go.y=7> > &type=16&server=67.222.132.213&class=1&port=53&timeout=5000&go.x=12&go.y=7 > > current.cvd.clamav.net reports: > > "0.99.2:57:23389:1494930680:1:63:45940:300" > > not just with my local DNS - but even the above public lookup. > Consequently, virus databases are 25+ hours OUTDATED and FreshClam won't > pick up recent ones! > > clamscan -V : > ClamAV 0.99.2/23389/Mon May 15 04:57:48 2017 > > freshclam log : > Tue May 16 06:29:19 2017 -> -------------------------------------- > Tue May 16 06:59:19 2017 -> ClamAV update process started at Tue May 16 > 06:59:19 2017 > Tue May 16 06:59:19 2017 -> main.cvd is up to date (version: 57, sigs: > 4218790, f-level: 60, builder: amishhammer) > Tue May 16 06:59:19 2017 -> daily.cld is up to date (version: 23389, sigs: > 2071687, f-level: 63, builder: neo) > Tue May 16 06:59:19 2017 -> safebrowsing.cld is up to date (version: 45940, > sigs: 2889021, f-level: 63, builder: google) > Tue May 16 06:59:19 2017 -> bytecode.cld is up to date (version: 300, sigs: > 57, f-level: 63, builder: neo) > Tue May 16 06:59:19 2017 -> -------------------------------------- > > So - either there is problem with their DNS server - or there is an > open/persistent/recurrent problem with whatever process is suppose to > automatically UPDATE their "current.cvd" TXT record. > Either way, there appears to be NO simple monitoring app in place that > simply matches the DNS TXT record to the "real" database level?
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
