Mailing List Archive

Hi there,

On Sat, 20 Feb 2021, Charles Harbud via clamav-users wrote:

> ... for the last 3 weeks Clamwin has not been able to update ...

This mailing list is about ClamAV, and we do what we reasonably can to
help its users, but you are not using ClamAV - you're using ClamWin:

http://www.clamwin.com/

You might want to search my other posts for comments about ClamWin.

> ... (Windows 2000, X32).

Are you serious? Windows 2000? That's been EOL for more than a
decade. I shouldn't blame the ClamAV team if they'd _already_ dropped
any and all signatures relating to Windows 2000 vulnerabilities. As a
Linux user I for one would view rather dimly the wasting of CPU cycles
on scanning for such things.

> The log says some (or all) the mirrors are down.
> May I ask, has anything changed with them. ...

What's changed is that everything before ClamAV version 0.100 is now
obsolete and unsupported - just like your operating system. It looks
like you missed the announcement, which went to both the announcements
mailing list and the ClamAV blog:

https://blog.clamav.net/

My guess is that at best you're using some version of ClamWin based on
what was, three years ago, ClamAV 0.99.4, which was recently obsoleted
but appears to be the latest version available on the ClamWin Website.

What you're doing doesn't make any sense to me, and I think it also
makes you something of a threat to the rest of us on the Internet.

Please do the decent thing and permanently disconnect your obsolete
Windows 2000 system from the Internet. Read AND FOLLOW the widely-
available advice about securing computer systems, especially advice
about keeping all your software patched for security issues. If you
need to use Windows 2000 for some legacy purpose, you need to make a
special effort to keep it secure - well beyond just running ClamWin,
and likely requiring substantially more effort and understanding than
you seem to have devoted to security thus far.

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Dne sobota 20. ?nora 2021 14:34:24 CET, Charles Harbud via clamav-users
napsal(a):
> Hi, for the last 3 weeks Clamwin has not been able to update it's virus
> signatures on my computer (Windows 2000, X32). The log says some (or all)
> the mirrors are down.
> May I ask, has anything changed with them. (Nothing has changed here). It's
> eating up all my bandwidth as Clamwin retries throughout the day. Thanks

I have noticed something similar - updating clamav database where the database
was too old (not updated for long time). Freshclam has a download timeout
(default 30 s), and if the update is not finished in that time, it tries again.
IMHO quite stupid... The update was working perfectly, it just needed to
download too much updates, that it needed about 60 s to finish.

--
Best regards
Vladislav Kurz




_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hi there,

On Sun, 21 Feb 2021, Vladislav Kurz via clamav-users wrote:

> Dne sobota 20. ?nora 2021 14:34:24 CET, Charles Harbud via clamav-users
> napsal(a):
>> Hi, for the last 3 weeks Clamwin has not been able to update it's virus
>> signatures on my computer (Windows 2000, X32). The log says some (or all)
>> the mirrors are down.
>> May I ask, has anything changed with them. (Nothing has changed here). It's
>> eating up all my bandwidth as Clamwin retries throughout the day. Thanks
>
> I have noticed something similar - updating clamav database where the database
> was too old (not updated for long time). Freshclam has a download timeout
> (default 30 s), and if the update is not finished in that time, it tries again.
> IMHO quite stupid... The update was working perfectly, it just needed to
> download too much updates, that it needed about 60 s to finish.

The OP had a different problem, but this one has popped up in the past.

The default download timeouts in freshclam.conf were indeed much too
low at one time but that's not the case now. Here are the values in
the sample configuration in the source, as you see commented out:

$ grep -i timeout .../freshclam.conf.sample
# Timeout in seconds when connecting to database server.
#ConnectTimeout 60
# Maximum time in seconds for each download operation. 0 means no timeout.
#ReceiveTimeout 1800
$

Here are the timeouts which I use at the moment:

$ grep -i timeout .../freshclam.conf
ConnectTimeout 600
ReceiveTimeout 1800
$

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Please keep your security software up to date.

If you don’t like ClamWin, we have ClamAV for Windows right on the website. It doesn’t have the GUI that ClamWin does, (simply because we don’t have the development time to dedicate to it).

Really would love it if someone from the community would step up and take on this task.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com | https://www.snort.org

> On Feb 20, 2021, at 10:58 AM, G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> Hi there,
>
> On Sat, 20 Feb 2021, Charles Harbud via clamav-users wrote:
>
>> ... for the last 3 weeks Clamwin has not been able to update ...
>
> This mailing list is about ClamAV, and we do what we reasonably can to
> help its users, but you are not using ClamAV - you're using ClamWin:
>
> http://www.clamwin.com/
>
> You might want to search my other posts for comments about ClamWin.
>
>> ... (Windows 2000, X32).
>
> Are you serious? Windows 2000? That's been EOL for more than a
> decade. I shouldn't blame the ClamAV team if they'd _already_ dropped
> any and all signatures relating to Windows 2000 vulnerabilities. As a
> Linux user I for one would view rather dimly the wasting of CPU cycles
> on scanning for such things.
>
>> The log says some (or all) the mirrors are down.
>> May I ask, has anything changed with them. ...
>
> What's changed is that everything before ClamAV version 0.100 is now
> obsolete and unsupported - just like your operating system. It looks
> like you missed the announcement, which went to both the announcements
> mailing list and the ClamAV blog:
>
> https://blog.clamav.net/
>
> My guess is that at best you're using some version of ClamWin based on
> what was, three years ago, ClamAV 0.99.4, which was recently obsoleted
> but appears to be the latest version available on the ClamWin Website.
>
> What you're doing doesn't make any sense to me, and I think it also
> makes you something of a threat to the rest of us on the Internet.
>
> Please do the decent thing and permanently disconnect your obsolete
> Windows 2000 system from the Internet. Read AND FOLLOW the widely-
> available advice about securing computer systems, especially advice
> about keeping all your software patched for security issues. If you
> need to use Windows 2000 for some legacy purpose, you need to make a
> special effort to keep it secure - well beyond just running ClamWin,
> and likely requiring substantially more effort and understanding than
> you seem to have devoted to security thus far.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml