Paul, how are things looking from your side? -- Joel Esler Sr. Manager Community, Branding, and Open Source Talos Group http://www.talosintelligence.com
On Aug 11, 2018, at 6:12 PM, Joel Esler (jesler) <jes...@cisco.com<mailto:jes...@cisco.com>> wrote: I actually just made an adjustment today to see if that will resolve the issues. Please keep these coming?! Sent from my iPad On Aug 11, 2018, at 2:10 PM, Paul Kosinski <clamav-us...@iment.com<mailto:clamav-us...@iment.com>> wrote: Here is the latest report for ClamAV virus update mirror delays since the end of July. DNS TXT vs actual file availability has gotten worse! Now, over 57% of updates are DNS-announced prematurely. (Last time, only about 1/3 were announced prematurely.) 2018-07-31 21:33:01 No delay 2018-08-01 05:03:01 00:14:59 delay 2018-08-01 13:18:01 No delay 2018-08-01 21:03:02 00:15:00 delay 2018-08-02 05:18:02 No delay 2018-08-02 13:48:02 00:30:00 delay 2018-08-02 21:48:01 00:15:00 delay 2018-08-03 05:18:02 No delay 2018-08-03 14:18:02 00:30:01 delay 2018-08-03 21:48:02 00:30:01 delay 2018-08-04 05:18:01 No delay 2018-08-04 13:18:02 No delay 2018-08-04 21:33:01 00:14:59 delay 2018-08-05 05:48:02 01:00:00 delay 2018-08-05 13:03:02 00:15:00 delay 2018-08-05 21:03:02 00:15:00 delay 2018-08-06 05:18:02 No delay 2018-08-06 13:18:02 No delay 2018-08-07 00:03:01 02:45:00 delay 2018-08-07 05:18:02 No delay 2018-08-07 13:18:02 No delay 2018-08-07 21:48:01 00:29:59 delay 2018-08-08 05:48:01 01:00:00 delay 2018-08-08 13:48:02 00:30:01 delay 2018-08-08 21:18:01 No delay 2018-08-09 05:33:02 No delay 2018-08-09 14:33:01 01:15:00 delay 2018-08-09 22:33:01 00:44:59 delay 2018-08-10 05:48:01 01:00:00 delay 2018-08-10 13:48:02 00:30:00 delay 2018-08-11 00:48:02 03:30:00 delay 2018-08-11 05:33:02 No delay 2018-08-11 13:18:02 No delay On Tue, 31 Jul 2018 13:47:39 -0400 Paul Kosinski <clamav-us...@iment.com<mailto:clamav-us...@iment.com>> wrote: There are still over 1/3 signature update sync errors with the new ClamAV mirrors. You may remember that I previously added code to our ClamAV update protocol to verify that the actually available daily.cvd etc. matched the version number reported by the DNS TXT record. (This is done by using curl to retrieve a short prefix of the daily.cvd etc. files.) Some days ago I also added code to summarize any synchronization problems. This code logs how much, if any, delay obtains between the DNS TXT record reporting a new version and curl agreeing that the new version is actually available from a mirror. This protocol operates every 15 minutes (giving rise to a rounding error of up to 15 minutes). Recent results are as follows: 2018-07-26 05:18:02 No delay 2018-07-26 13:18:02 No delay 2018-07-26 13:33:01 No delay 2018-07-26 13:48:01 No delay 2018-07-26 14:03:01 No delay 2018-07-26 14:18:02 No delay 2018-07-26 21:33:02 00:45:00 delay 2018-07-27 05:03:02 No delay 2018-07-27 13:18:02 No delay 2018-07-27 13:18:02 No delay 2018-07-27 21:34:05 No delay 2018-07-27 21:34:05 No delay 2018-07-28 05:48:02 00:30:01 delay 2018-07-28 13:18:02 No delay 2018-07-28 21:18:02 00:30:01 delay 2018-07-29 05:33:01 00:29:59 delay 2018-07-29 14:18:02 01:30:00 delay 2018-07-29 21:18:02 00:30:00 delay 2018-07-30 04:48:02 No delay 2018-07-30 13:33:01 00:44:59 delay 2018-07-30 21:48:02 01:00:00 delay 2018-07-31 05:18:02 No delay 2018-07-31 13:33:02 No delay Note: The ClamAV update protocol uses the URL "database.clamav.net<http://database.clamav.net>", which in turn resolves to 1 of 5 IP addresses, which in turn route to one of many geographically separated systems. Thus, the delays may not correspond to problems with particular paths and/or mirror instances. P.S. I can provide a more detailed freshclam log for this if desired. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
