Clamav: erreurs avec freshclam

Christophe Meessen christophe at meessen.net
Mar 25 Sep 08:56:42 UTC 2007


Bonjour,

il y a quelque temps j'ai posté un mail signalant un problème avec 
clamav. Je remercie au passage la personne ayant pris la peine de 
répondre. Etant pris par d'autres priorités je n'ai pas donné suite.

Hier, j'ai eu l'heureuse surprise de voir qu'une mise à jour de clamav 
était disponible pour ubuntu. Je l'ai installé croyant en avoir enfin 
fini avec les messages d'erreur. Malheureusement non.

J'ai relancé clamav ce matin et voici les messages d'erreur que je 
retrouve dans /var/log/clamav/freshclam.log

ClamAV update process started at Tue Sep 25 10:28:21 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.2 Recommended version: 0.91.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 44, sigs: 133163, f-level: 20, builder: 
sven)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
ERROR: getpatch: Can't download daily-4384.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Ignoring mirror 193.52.101.131 (too often connections with outdated version)
Ignoring mirror 193.218.105.9 (too often connections with outdated version)
Ignoring mirror 194.116.142.73 (too often connections with outdated version)
Ignoring mirror 195.214.240.53 (too often connections with outdated version)
Ignoring mirror 212.180.1.29 (too often connections with outdated version)
Ignoring mirror 91.194.14.100 (due to previous errors)
ERROR: Can't download daily.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in 
freshclam.conf is working. Check 
http://www.clamav.net/support/mirror-problem for possible reasons.
--------------------------------------

La mise à jour pour ubuntu est apparemment encore toujours en retard de 
version et cela semble bloquer la mise à jour de sécurité.

Dans le fichier clamav.log je suis aussi surpris de trouver très 
fréquemment une séquence comme celle-ci
Tue Sep 25 02:14:11 2007 -> Reading databases from /var/lib/clamav
Tue Sep 25 02:20:07 2007 -> Database correctly reloaded (260532 signatures)
Tue Sep 25 03:28:42 2007 -> SelfCheck: Database modification detected. 
Forcing reload.
Tue Sep 25 03:28:42 2007 -> Reading databases from /var/lib/clamav
Tue Sep 25 03:34:22 2007 -> Database correctly reloaded (260532 signatures)
Tue Sep 25 05:07:55 2007 -> SelfCheck: Database modification detected. 
Forcing reload.
Tue Sep 25 05:07:55 2007 -> Reading databases from /var/lib/clamav
Tue Sep 25 05:13:35 2007 -> Database correctly reloaded (260532 signatures)
Tue Sep 25 06:45:27 2007 -> SelfCheck: Database modification detected. 
Forcing reload.
Tue Sep 25 06:45:27 2007 -> Reading databases from /var/lib/clamav
Tue Sep 25 06:51:31 2007 -> Database correctly reloaded (260532 signatures)
Tue Sep 25 07:56:17 2007 -> SelfCheck: Database modification detected. 
Forcing reload.
Tue Sep 25 07:56:17 2007 -> Reading databases from /var/lib/clamav
Tue Sep 25 08:02:01 2007 -> Database correctly reloaded (260532 signatures)
Le nombre de signatures ne semble pas avoir été modifiée. Est-il 
possible qu'il y a des modifications aussi fréquentes à la base de 
données anti-virus ?

Je suis bien conscient que mettre à disposition clamav pour ubuntu est 
un gros travail et j'en remercie les auteurs. Mais là je suis quelque 
peu perplexe sur la validité opérationnelle de ma configuration. Comment 
tester par exemple que la détection de virus dans les mails fonctionne ?

Je ne trouve aucune trace dans les entêtes de mails qu'une vérification 
antivirus a eu lieu en local, idem pour le spam avec spamassassin.


-- 
Bien cordialement,

Ch. Meessen


-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: smime.p7s
Type: application/x-pkcs7-signature
Taille: 3264 octets
Desc: S/MIME Cryptographic Signature
URL: <https://lists.ubuntu.com/archives/ubuntu-fr/attachments/20070925/b9b4d562/attachment.bin>


Plus d'informations sur la liste de diffusion ubuntu-fr