Am 03.07.2018 um 03:37 schrieb Paul Kosinski: > Any system whereby new versions of files are announced before they are > actually available to automated downloads is awkward (to say the least). > > If, in addition, a server which doesn't have the announced version is > blacklisted by the automated downloader, the whole mechanism can grind > to a halt (as it has for us). > > Even if a server which is out of sync (i.e., behind) is not > blacklisted, but merely temporarily skipped, it uses extra bandwidth in > the current scheme. In the case of daily.cvd, the only way freshclam > detects that the server is out of sync is by downloading the whole file > (currently about 47 MB) -- the waste of bandwidth is enormous. For > example, our logs this afternoon show 15 complete downloads of > daily.cvd over about 1 hour. Of these, all but the last failed due to > out of sync. This is why we have recently taken to deleting mirrors.dat > before each freshclam run -- to compensate for the blacklisting -- and > running freshclam 3 times an hour hoping for sync. > > This behavior is both unreasonable and inefficient tell that the people who think the DNS nonsense instead a static "daily.version" text-file gains anything....
-------- Weitergeleitete Nachricht -------- Betreff: Re: [clamav-users] We STILL cannot reliably get virus updates (since new mirrors) Datum: Mon, 2 Jul 2018 19:10:40 +0100 Von: Brian Morrison <b...@fenrir.org.uk> Antwort an: ClamAV users ML <clamav-users@lists.clamav.net> Organisation: The Fool and Bladder Face-Jumping Team An: ClamAV users ML <clamav-users@lists.clamav.net> On Mon, 2 Jul 2018 19:50:55 +0200 Reindl Harald wrote: > > For me freshclam runs roughly every 2 hours, so I think that the > > load is an order of magnitude higher than you state. I will confess > > that I don't know about the capability of web servers in this > > regard, but the point that d.net made was that the DNS server would > > always be more capable in this regard than a web server > come on - our main-server running ina virtual machine spits out 30000 > requests/sec. on our core-cms in case of cache-hits and even on a 7 > years old workstation far above 10000/sec and that is *not* static > content with a few bytes How many requests/sec can a DNS server process? Given that the clamav mirrors seem to be struggling (new system, I know) I still think that anything that reduces the load they are serving ought to be a good idea. Not my day job though... _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
