Hello, I am the webmaster of a certain site, and yesterday I have upgraded my server to a new one. While I was going tru the logs of certain host, that we use for url redirection/shortening with ip of 78.46.84.244 I saw some misrequests like /main.cvd and upon further research i found out it was clamav related.
upon further googling i found out that 2014-12-11 db.us.rr.clamav.net <https://www.virustotal.com/en/domain/db.us.rr.clamav.net/information/> 2014-10-25 db.us.big.clamav.net <https://www.virustotal.com/en/domain/db.us.big.clamav.net/information/> 2014-08-24 db.local.clamav.net <https://www.virustotal.com/en/domain/db.local.clamav.net/information/> 2014-05-10 db.local.win.clamav.net <https://www.virustotal.com/en/domain/db.local.win.clamav.net/information/> 2013-12-19 idefix.schaal-24.de <https://www.virustotal.com/en/domain/idefix.schaal-24.de/information/> 2013-09-13 db.us.clamav.net <https://www.virustotal.com/en/domain/db.us.clamav.net/information/> 2013-04-13 database.clamav.net <https://www.virustotal.com/en/domain/database.clamav.net/information/> the above hostnames resolves to this ip number. (based on: https://www.virustotal.com/en/ip-address/78.46.84.244/information/ ) I believe it is harmless to my server except filling the logfile, but this config might effect the reliability of your service/software. Could you fix it please? Best regards, C.A. _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml