ClamAV site and update database blocked by CDN in Russia #500
Comments
|
The same issue, Ru zone probably banned. |
|
Same issue. Various networks in Russia. |
|
The same issue, Ru zone. |
|
Sadly... |
|
I'm sorry to report that ClamAV.net has been blocked for Russian IP's. Cisco, which owns and operates ClamAV and ClamAV.net, has stopped providing goods and services to Russia. You can read Cisco's official statement, here: https://www.cisco.com/c/m/en_us/crisissupport.html We do understand that this decision not only affects organizations, but individual users as well. Cisco is continuously evaluating the current situation and will make any determinations in the future should the situation change. |
micahsnyder
changed the title
|
Thank you anyway. It’s sad, of course, that these measures also hit ordinary users. I don’t know who to believe and who not, who is right, I’m not a politician and not a historian, but in the end I want to say: Trust no one. And question everything. |
|
I am going to pin this issue for a time, trim away excessive comments, and lock the conversation to make the official response (above) more obvious to those who encounter this issue. Don't open a new issue for this topic. This isn't the place to talk politics and our response isn't going to change simply so that you can continue to receive free malware signature database updates for our free software. We, the ClamAV team, do not have the authority to disobey government sanctions or disobey Cisco policy in response to those sanctions. We may re-enable access to the impacted regions if there is new direction from Cisco's legal department or if the sanctions are lifted. |
Hello, just today I was not able to access the site or update the database through the "sudo freshclam" command.
Command "freshclam" output:
_mint@pc:~$ sudo freshclam
Sun Mar 13 16:58:53 2022 -> ClamAV update process started at Sun Mar 13 16:58:53 2022
Sun Mar 13 16:58:53 2022 -> ^Cool-down expired, ok to try again.
Sun Mar 13 16:58:53 2022 -> daily database available for update (local version: 26471, remote version: 26480)
Current database is 9 versions behind.
Downloading database patch # 26472...
Time: 0.1s, ETA: 0.0s [========================>] 16B/16B
Sun Mar 13 16:58:53 2022 -> ^downloadPatch: Can't download daily-26472.cdiff from https://database.clamav.net/daily-26472.cdiff
Sun Mar 13 16:58:53 2022 -> ^Incremental update failed, trying to download daily.cvd
Time: 0.1s, ETA: 0.0s [========================>] 16B/16B
Sun Mar 13 16:58:53 2022 -> ^Can't download daily.cvd from https://database.clamav.net/daily.cvd
Sun Mar 13 16:58:53 2022 -> ^FreshClam received error code 403 from the ClamAV Content Delivery Network (CDN).
Sun Mar 13 16:58:53 2022 -> This could mean several things:
Sun Mar 13 16:58:53 2022 -> 1. You are running an out-of-date version of ClamAV / FreshClam.
Sun Mar 13 16:58:53 2022 -> Ensure you are the most updated version by visiting https://www.clamav.net/downloads
Sun Mar 13 16:58:53 2022 -> 2. Your network is explicitly denied by the FreshClam CDN.
Sun Mar 13 16:58:53 2022 -> In order to rectify this please check that you are:
Sun Mar 13 16:58:53 2022 -> a. Running an up-to-date version of FreshClam
Sun Mar 13 16:58:53 2022 -> b. Running FreshClam no more than once an hour
Sun Mar 13 16:58:53 2022 -> c. If you have checked (a) and (b), please open a ticket at
Sun Mar 13 16:58:53 2022 -> https://github.com/Cisco-Talos/clamav/issues
Sun Mar 13 16:58:53 2022 -> and we will investigate why your network is blocked.
Sun Mar 13 16:58:53 2022 -> ^You are on cool-down until after: 2022-03-14 16:58:53
Sun Mar 13 16:58:53 2022 -> !Database update process failed: Forbidden; Blocked by CDN
Sun Mar 13 16:58:53 2022 -> !Update failed.
_
Site output:
Error 1020 Ray ID: 6eb564255c9f166c • 2022-03-13 14:17:06 UTC
Access denied
What happened?
This website is using a security service to protect itself from online attacks.
But cloudflare in other sites doesn't block me(for example spigotmc.org).Except some sites(1-3 sites,for example systranbox.com).
And...
My IP: 88.210.29.10 (Russia)
I kind of read the news of this antivirus and so far they have not blocked Russian users. Or did they do it?
It’s just that I don’t have any special assumptions anymore why ONLY from my IP address I can’t visit the site and update. Against the background of numerous blockings, only such an idea appears. If this is so, then ... Not only companies, but also ordinary users were blocked, including me.
I am hope for your help.
The text was updated successfully, but these errors were encountered: