[sanesecurity] Re: Long DB refresh times

From: Grayhat <grayhat@xxxxxxx>
To: sanesecurity@xxxxxxxxxxxxx
Date: Thu, 26 Apr 2012 08:50:36 +0200

 
> Also: currently all my databases contain the last 90 days of
> compromised URIs. I can decrease the size of the DB by considering a
> smaller time window, but given the increase I've been observing in
> the number of compromised websites I'm not sure a change of a 2 or 3
> factor is going to last long...

Emanuele... not sure it's doable nor if you can/want take the time to
do it but... in a past we discussed the same thing (timeframe) while
dealing with "InetMsg-Spamdomains"; the solution (ok the approach) was
to have separate signature files ... so one may either pick the "2
weeks" one or the bigger "2 months" one; now, I'm not sure (as I wrote)
it's doable, but it may be an idea having a second set of databases
carrying signatures related to a shorter timeframe (so smaller); at
that point one may decide which signature he prefers to use (not both,
by the way, that doesn't make sense :D)

Follow-Ups:
- [sanesecurity] Re: Long DB refresh times
  - From: Emanuele Balla (aka Skull)
- [sanesecurity] Re: Long DB refresh times
  - From: Steve Basford

References:
- [sanesecurity] Long DB refresh times
  - From: David Mayo
- [sanesecurity] Re: Long DB refresh times
  - From: Steve Basford
- [sanesecurity] Re: Long DB refresh times
  - From: Henrik K
- [sanesecurity] Re: Long DB refresh times
  - From: TR Shaw
- [sanesecurity] Re: Long DB refresh times
  - From: Paul Enlund
- [sanesecurity] Re: Long DB refresh times
  - From: Steve Basford
- [sanesecurity] Re: Long DB refresh times
  - From: Emanuele Balla (aka Skull)

Other related posts:

» [sanesecurity] Long DB refresh times- David Mayo
» [sanesecurity] Re: Long DB refresh times- Michael Orlitzky
» [sanesecurity] Re: Long DB refresh times- micah anderson
» [sanesecurity] Re: Long DB refresh times- Richard Doyle
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- micah anderson
» [sanesecurity] Re: Long DB refresh times- Henrik K
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Gerard Seibert
» [sanesecurity] Re: Long DB refresh times- Richard Doyle
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Paul Enlund
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla (aka Skull)
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- David Mayo
» [sanesecurity] Re: Long DB refresh times- John Horne
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- John Horne
» [sanesecurity] Re: Long DB refresh times- Paul Enlund
» [sanesecurity] Re: Long DB refresh times- Gerard Seibert
» [sanesecurity] Re: Long DB refresh times- Henrique de Moraes Holschuh
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Alan Stern
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Cernohorsky Wolfgang
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- TR Shaw