All — I sent a note earlier, but this should be fixed/recovering now. We are working on an idea that may prevent this kind of thing from happening in the future.
Dennis — If you do a health check, and you find things that are… not matching up with our results… please let me know your failure list? -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Aug 23, 2017, at 3:16 PM, Dennis Peterson <denni...@inetnw.com<mailto:denni...@inetnw.com>> wrote: After testing several of the DNS round robin aliases I found the db.ca.clamav.net<http://db.ca.clamav.net> had the most reliable server set for North America. After editing the freshclam.conf file the files updated on the next cron.hourly cycle. I also found that the number of viable mirror sites is a small portion of the total number of mirrors. I also found that a lot of "local" mirrors are not all that local. I think I'll run a health check of every mirror in the western hemisphere and use the results in a local DNS round robin running my own servers. It is a form of dynamic load balancing using real-time network response time. If nothing else it will stop most if not all attempts to missing mirrors which seem to be the majority. Obviously it will also ignore mirrors that disallow icmp traffic. dp On 8/23/17 9:48 AM, Dennis Peterson wrote: nslookup db.local.clamav.net<http://db.local.clamav.net> |awk '/Address:/ {print $2}' |xargs -L1 ping -c 1 nslookup db.us.clamav.net<http://db.us.clamav.net> |awk '/Address:/ {print $2}' |xargs -L1 ping -c 1 nslookup db.ca.clamav.net<http://db.ca.clamav.net> |awk '/Address:/ {print $2}' |xargs -L1 ping -c 1 nslookup db.ru.clamav.net<http://db.ru.clamav.net> |awk '/Address:/ {print $2}' |xargs -L1 ping -c 1 nslookup db.uk.clamav.net<http://db.uk.clamav.net> |awk '/Address:/ {print $2}' |xargs -L1 ping -c 1 Nobody home. dp On 8/23/17 12:26 AM, lukn555 wrote: Good Day ClamAV List Since yesterday at around noon CET I've been having issues downloading the ClamAV database: freshclam --version ClamAV 0.99.2/23696/Tue Aug 22 14:36:14 2017 # /usr/local/bin/freshclam --verbose Current working dir is /usr/local/share/clamav Max retries == 3 ClamAV update process started at Wed Aug 23 09:11:52 2017 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net> TTL: 609 Software version from DNS: 0.99.2 main.cvd version from DNS: 58 main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd version from DNS: 23700 Retrieving http://database.clamav.net/daily-23697.cdiff Ignoring mirror 130.59.113.36 (due to previous errors) Ignoring mirror 193.230.240.8 (due to previous errors) Ignoring mirror 130.59.113.36 (due to previous errors) Ignoring mirror 193.230.240.8 (due to previous errors) WARNING: getpatch: Can't download daily-23697.cdiff from database.clamav.net<http://database.clamav.net> Retrieving http://database.clamav.net/daily-23697.cdiff Ignoring mirror 130.59.113.36 (due to previous errors) Ignoring mirror 193.230.240.8 (due to previous errors) WARNING: getpatch: Can't download daily-23697.cdiff from database.clamav.net<http://database.clamav.net> Retrieving http://database.clamav.net/daily-23697.cdiff Ignoring mirror 193.230.240.8 (due to previous errors) Ignoring mirror 130.59.113.36 (due to previous errors) WARNING: getpatch: Can't download daily-23697.cdiff from database.clamav.net<http://database.clamav.net> WARNING: Incremental update failed, trying to download daily.cvd Whitelisting short-term blacklisted mirrors Retrieving http://database.clamav.net/daily.cvd Ignoring mirror 130.59.113.36 (due to previous errors) Ignoring mirror 193.230.240.8 (due to previous errors) Ignoring mirror 130.59.113.36 (due to previous errors) Ignoring mirror 193.230.240.8 (due to previous errors) WARNING: Can't download daily.cvd from database.clamav.net<http://database.clamav.net> Trying again in 5 secs... # dig database.clamav.net<http://database.clamav.net> +short db.local.clamav.net<http://db.local.clamav.net>. db.centraleu.clamav.net<http://db.centraleu.clamav.net>. 130.59.113.36 193.230.240.8 # wget http://database.clamav.net/daily-23697.cdiff --2017-08-23 09:14:16-- http://database.clamav.net/daily-23697.cdiff Resolving database.clamav.net<http://database.clamav.net> (database.clamav.net<http://database.clamav.net>)... 193.230.240.8, 130.59.113.36 Connecting to database.clamav.net<http://database.clamav.net> (database.clamav.net<http://database.clamav.net>)|193.230.240.8|:80... connected. HTTP request sent, awaiting response... 403 Forbidden 2017-08-23 09:14:16 ERROR 403: Forbidden. Is this an issue on my side or on ClamAV mirror side? Any help is appreciated. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
