New service - the Team Cymru Malware Hash Registry!
Steve Freegard
steve.freegard at fsl.com
Tue Oct 28 16:22:35 GMT 2008
Hi Martin,
Martin.Hepworth wrote:
> Running here against latest beta (with freeBSD v.old and exim).
>
> So far so good - no hits yet so hard to say, but performance could be an issue for people, I've noticed a marked slow down in overall scanning times even with the caching DNS etc
>
It would seen that it's international bandwidth that is the issue.
I wrote and tested the scanner this morning on one of the FSL test boxes
which is in Washington DC on a 10Mb Comcast cable line and have yet to
see a timeout.
However - just tried this on my laptop:
smf at laptop-smf:~$ ./generic_hash_scanner.pl *.pl
CLEAN::File::./clear_queue_orphans.pl
INFO::ERROR::Timed out after 30 seconds (4 remaining sockets waiting
after 29 checks)
smf at laptop-smf:~$ host -t NS hash.cymru.com
hash.cymru.com name server ns1.hash.cymru.com.
hash.cymru.com name server ns2.hash.cymru.com.
smf at laptop-smf:~$ host ns1.hash.cymru.com
ns1.hash.cymru.com has address 216.90.108.33
smf at laptop-smf:~$ host ns2.hash.cymru.com
ns2.hash.cymru.com has address 216.90.108.34
smf at laptop-smf:~$ host -t TXT 34.108.90.216.asn.routeviews.org
34.108.90.216.asn.routeviews.org descriptive text "23028" "216.90.108.0"
"24"
smf at laptop-smf:~$ host -t TXT 34.108.90.216.countries.blackholes.us
34.108.90.216.countries.blackholes.us descriptive text "us"
Looks to me like they could do with some extra mirrors particularly in
Europe as my RTT from Zen Internet in the UK is > 150ms
Cheers,
Steve
More information about the MailScanner
mailing list