phoning home

Lyle Giese lyle at lcrcomputer.net
Sat Jun 11 20:04:40 UTC 2011


On 06/11/11 14:40, Paul Vixie wrote:
> today i noticed the following in my syslog:
>
> 	freshclam daemon 0.97 (OS: freebsd8.2, ARCH: amd64, CPU: amd64)
> 	ClamAV update process started at Sat Jun 11 19:38:55 2011
> 	WARNING: Your ClamAV installation is OUTDATED!
> 	WARNING: Local version: 0.97 Recommended version: 0.97.1
> 	DON'T PANIC! Read http://www.clamav.net/support/faq
>
> i think bind needs something like this, but maybe it's an information leak?

Clamav does this as part of it's virus defination updates.  The clamav 
team posts current version information in DNS for the virus definations 
and program version.  Clamav is saying I am not the most recent version. 
  It never tells anyone what version it is.

I don't think Bind has a real need to do frequent checks of some 
database somewhere outside of its own domain<GRIN>!

I am not entirely comfortable with adding this kind of functionality to 
BIND where it's not entirely necessary.  Where in Clamav, it was just 
another data set for something we are already checking frequently.  Plus 
Clamav is software for checking for viruses and that is a rapidly moving 
target all the time.

Lyle Giese
LCR Computer Services, Inc.




More information about the bind-workers mailing list