OK; Server Overload, but.......?

Discussion in 'NOD32 version 2 Forum' started by Cosmo32, Jul 30, 2008.

Thread Status:
Not open for further replies.
  1. Cosmo32

    Cosmo32 Guest

    Thank you all. Especially Marcos. I have gleaned much from all the recent discussion. However, I do still have an itch I can not solve. I do recall asking this question ~2yrs ago. At that time I was satisfied; but now I feel the need to ask again. Please accept my apologies....:doubt:

    I am now in a safe zone. My LUS/RAS/RAC sit at def file 3011. But, as I look at my event log, I see that several updates appear to have been skipped (#3005, #3006, #3009). :(
    for example:
    Time Module Event User
    [noparse]07/30/2008 14:39:16 Mirror Mirror has been updated successfully.
    07/30/2008 14:39:12 Kernel The virus signature database has been successfully updated to version 3311 (20080730).
    07/30/2008 11:31:08 Mirror Mirror has been updated successfully.
    07/30/2008 11:31:03 Kernel The virus signature database has been successfully updated to version 3310 (20080730).
    07/30/2008 02:31:05 Mirror Mirror has been updated successfully.
    07/30/2008 02:31:01 Kernel The virus signature database has been successfully updated to version 3308 (20080729).
    07/29/2008 15:27:32 Mirror Mirror has been updated successfully.
    07/29/2008 15:27:27 Kernel The virus signature database has been successfully updated to version 3307 (20080729).
    07/29/2008 14:41:38 Update Function: gethostbyname, parameters: , return value: 11001
    07/29/2008 14:41:38 Update Update attempt failed (Server connection failure.)
    07/28/2008 14:05:27 Mirror Mirror has been updated successfully.
    07/28/2008 14:05:23 Kernel The virus signature database has been successfully updated to version 3304 (2008072:cool:.
    07/28/2008 10:31:56 Mirror Mirror has been updated successfully.
    07/28/2008 10:31:51 Kernel The virus signature database has been successfully updated to version 3303 (2008072:cool:. [/noparse]

    Please believe me. I do not yet really believe that I am missing anything. However, I still do not know how to locally "prove to myself" LOCALLY that I really do have the above "missing" updates. :eek:

    Is it just a matter of checking the file index of my Mirror's files date/time stamps? OK, even if I do this, I still have no way to reverse decode the *.nup file names. And, I do accept that this might be "secret sauce" business. :eek:

    Perhaps, in the future, when ESET releases another update def file as "#3xxx", they might also append the "xxxxxx.nup" file name in parathethes.
    Perhaps not perfect, but this would help us feel happy that we are really [up to date] when the program says so. No harm, no foul. This sw is so auto-magic, I still can not stand it......... :D
     
  2. ASpace

    ASpace Guest

    The latest update (now 3312) contains everything . You have the latest one , you have it all .

    For example , my previous update was 3310 , now I got 3312.
     

    Attached Files:

  3. Cosmo32

    Cosmo32 Guest

    HighTechBoy,
    I really do enjoy your replies; but you missed my point. And, your included scan for your own V3 NOD A/V still highlights my query. How do you KNOW that you actually HAVE all the vdefs from the updates you did NOT actually get? o_O

    I am not trying to start a war here. I am trying to understand. I can, and do go to the ESET site and check what is the latest update. (Actually, I do this each morning over coffee!) I read through all the included signatures. I notice that there is NO duplication of these signatures between versions. So, I can only decipher what I read as "last update PLUS this new update EQUALS all that I need. There is no mention that "This vdef update does contain ALL of the previous update file's signatures." What am I missing? :doubt:

    And, if this Additive model were true, then I would expect to see each NEW update be physically greater than the previous update. I have never rarely ever seen this. Well, until ESET sends a 'baseline' update; but I fully understand this practice; I have since day 1. Baseline updates do not bother me; and, I do understand the additional server load to do this.

    I do not mind that there may be a temporary glitch in the ESET servers. I know that it will work itself out in time. I have patience. I do begin to worry when I look at my local Event Log and see skips (missing) updates.

    This is my question ATM. o_O
    Thank you.
     
  4. ASpace

    ASpace Guest

    Thanks for enjoying my replies . However , I did understood you :)

    I read your posts . I show you screenshots from my ESS event log because I upgraded all our computers to v3 but upd numbers are the same for both v2 and v3.

    On your question how do I know , well ... I know from a trusted sourse :) (An ESET moderator could explain it better than me) but the updates in the programs are incremential (not sure in the term) so that they supplement each other . The numbers of the updates are just numbers . Sometimes you won't update just the regular signatures but other things , too.

    Moreover , it isn't logical for the latest update not to contain everything from the previous updates + its own new stuff (add-ons and corrections) because in a day ESET may release much more than 1 update (up to 8 we have seen) . A third of the world sleeps through that time and when they wake up they would get the latest (a.k.a everything).
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The answer is simple - the engine module is compiled from the update files that have been downloaded. If something was missing (e.g. if an already downloaded file was corrupt or deleted during the process of compilation), you'd get an error and the engine wouldn't update.
     
  6. Cosmo32

    Cosmo32 Guest

    Marcos, I will accept your answer. I have never seen this ever happen. Just missed updates. I suspect I am treading on sacred ground. I just wish to know HOW I get the missing updates? I do understand what you said above, but still.... :doubt:

    HighTechBoy, Thank you for your help. But, you are V3. I am V2EE. I know you have past experience, but until I move to V3, much of what you now share means nothing to V2 users. Please do not STOP! :D

    Bubba, If you choose to close this thread; go4it! :D
     
  7. ASpace

    ASpace Guest

    I use v3 but I still have clients with NOD32 v2 (including business clients with EE) and we support them. The situation with the updates is the same for all NOD32/ESET versions .:thumb: :thumb: :thumb:
     
  8. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I've just tried installing an outdated v2 and then cycled between all update servers from the list. In most cases, v2 updated at the first attempt. I will repeat the test a bit later. When you test it, please skip u21.eset.com which seems to be the only problematic server for some reason. We are investigating it.
     
  9. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    Why not continue the engine2 updates for those not recieving the engine1 update? The version could have some signifier denoting it is a temporary update while the larger is distributed.

    Customers would not lag behind on definitions because of the server load issue and the server load could be further relieved by spreading the large engine1 updates over a longer period. Customers would no longer recieve the misleading up-to-date message when in fact they were days out sync with current definitions?
     
  10. helenab

    helenab Registered Member

    Joined:
    Jul 30, 2008
    Posts:
    12
    Sorry Marcos but server 89.202.157.136 is out of order too.
     
Thread Status:
Not open for further replies.