Slashdot Mirror
AVG Backs Down From Flooding the Internet
Simon Wright writes "As a website that is featured heavily in many Google Australia search results, Whirlpool (Australia's largest technology forum) has been particularly affected by AVG's LinkScanner. We've seen a traffic increase as much as 12 hits per second from these bots. So we've actively and loudly campaigned against this move by AVG, encouraging all users of AVG 8.0 to uninstall the product. The discussion starts here. And AVG's backing down is posted here."
From that URL:"'As promised, I am letting you know that the latest update for AVG Free edition has addressed and rectified the issue that [Whirlpool] have brought to our attention. This update has now been released to users and has also been built into the latest installation package for AVG Free.' — Peter Cameron, Managing Director, AVG Australia."
See: http://forums.whirlpool.net.au/forum-replies.cfm?t=1007329&p=13#r256
The fix has been independently tested.
Cheers WTW
Simon has state that the server normally deals with 50 queries / second.
So 12 more / second is quite a bit of load.
Cheers WTW
I dunno, I use Avast, it's pretty good and free as well. I like the UI a bit better and it seems to get definition updates pretty frequently. Much less of a resource hog than Norton/McAfee too, although so is AVG.
All your base are belong to Wii.
I recently gave up on AVG. It was a nice free option until this version 8. Surely, Grisoft knew this was a big problem for a long time. They're not the only people who thought this approach of extra verification would be a good idea. MCAfee did it, Opera (I think) just linked up with one of the Microsoft spawns that tests everything and drags web use to a crawl. It's as poor an idea as "background" disk defragging which does nothing other than work the drives because it's not possible to sort a drive which is in flux.
Avast! is frequently recommended as a free anti-virus. BUT...do some research and you'll see it's not that great at catching known junk. ESET does test very well but you only get 30 days of free use. Avir's free version does seem to offer full integration (in-line scanning, auto updates, etc.) which I don't remember being there a few years ago when freeware scanners only worked on-demand. http://www.free-av.com/ It tests very well, actually, better than AVG and Avast!
In their defense, if I remember correctly, AVG DID offer free fully integrated inline scanning first with a decent catch rate. Why did it take them so long to comprehend version 8 was a hog and would generate so much anger and resentment? Who knows. Maybe their time has past just line PKZip...
The and Update system in AVG 8.0 is vastly improved.
I was using Avast and and installed it for several family members only to have one of them get a HORRID spyware infection.
Interestingly AVAST did not detect it at all, Spybot and Ad-aware could not completely remove it, but after installing AVG 8.0 it cleaned everything up.
After checking several reviews it seems AVG 8.0 has one of the best Virus and Spyware detection rates among current products.
EA David Gardner -"... but the consumers have proven that actually what they want is fun."
This is about the same amount of protection as pulling out is a form of birth control.
Are you telling me:
1. You never open links in search results to sites you have never been to?
- If you are running windows using Firefox or IE there have been many cases of 0 day exploits
2. Do you not use any USB storage devices?
- Just this Christmas I purchases a digital photo frame for a family member that had built in storage. low and behold when I went to preload it with photos it was already infected with a virus that was set to use auto play to install.
3. You 100% trust EVERY thing your friends or family send you? Document infections are still somewhat common. I suppose using Open office would get you around macro infections but you also might not be able to open company documents then.
I would also imagine that ANYONE who is on slashdot and manages security also believes in the layered approach. Inbound only filtering from your firewall and using your gut to know what is safe or not is an easy one to work around.. Well unless you are a hermit that never gets any email.
Users of Zeus Technology's ZXTM could use the following TrafficScript rule to protect themselves from AVG's DDoS attacks:
if( http.getHeader("Accept-Encoding") == "" &&
http.getHeader("Referer") == "" )
{
$ua = http.getHeader("User-Agent");
if( $ua == "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"||
$ua == "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)"||
$ua == "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"||
$ua == "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)" )
{
connection.discard();
}
}
The single web server that powers Whirlpool is typically handling 30 to 40 non-cached template requests per second. We've got over 15 gigabytes worth of user posts online, and receive hundreds of referrals from Google every minute.
Given that it's running on a 4-year-old web server (in tandem with another 4-year-old MySQL box), I think ColdFusion is doing pretty well for itself.
Cheers
Simon Wright
Computers are useless: they can only give you answers. -- Pablo Picasso
How about:
"Program Settings"->Sounds->Settings...
Then scroll to the "Automatic VPS Update" event and pick the "(None)" sound.
You do realize that ClamWin currently does not have an on-access scanner, don't you? That means a zero detection rate unless files are manually scanned. Right now, your 'clueless users' are unprotected.
When you're dead, you don't know you're dead. It only affects the people around you. Same thing when you're stupid.
That's 40 requests per second to the web server, not the database. Actually, this custom-built application is quite efficient, because that only translates to around 50-70 queries per second.
MySQL isn't the bottleneck. It's simply running on hardware that's not even a quarter as powerful as it should be if it were commercially operated. And that's before we take into account failover resources or future proofing.
I've seen cases of PHPBB and vB installations, with better hardware than us, unable to handle even a tenth the load we get.
40 requests per second is not a small load for a single website. Whirlpool gets around 1.5 to 2 million non-spider page views per day, plus and additional half million spider hits.
PostgreSQL and Firebird are certainly more comprehensive database stacks, but I'm quite sure they wouldn't match MySQL for efficiency when dealing with these relatively uncomplicated queries. Even if they could provide a nominal improvement, the effort involved in porting the databases and every query in this custom application would be extreme overkill.
Cheers
Simon Wright
Computers are useless: they can only give you answers. -- Pablo Picasso
As the owner of Whirlpool, please moderate the parent as uninformed.
While I'm not in a position to provide an unbiased opinion of WebCentral, they do cater to a very important market -- people who need a premium quality service. If my experience with the $0 service they provide Whirlpool is any indication, WebCentral are not just technically excellent, their support system is outstanding and reactive. I can only imagine how much better they treat the customers who pay them.
Just because you only want the bargain service, doesn't mean everyone does.
And the only reason Whirlpool isn't blazing fast, is because we're running with a bunch of WebCentral's spare hardware. We're a community service, not a business.
Cheers
Simon Wright
Computers are useless: they can only give you answers. -- Pablo Picasso
Well, yes but.. (you've seen the complaints).
Other decent free ones are:
Avast is popular.
AVira seems good, you get one popup ad per update.
Comodo permits business use.
BitDefender has a free version.
I'm not including ClamAV because it's just a scanner, no realtime protection.
Posting AC because I've moderated,
number11