Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sophos Antivirus Install


  • Please log in to reply
30 replies to this topic

#1 pcpunk

pcpunk

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 25 June 2015 - 01:18 AM

Thread for my Sophos Install.

 

I had the same issue as Paul88 because I was not smart enough to change the settings in my browser lol.  I then followed hollowface's instructions to Extract it, but, my Archive Manager was/looked different than the screenshot he posted, so I just clicked Extract anyhow and it seemed to do what it should.

 

The install went okay even though I didn't understand most of it.  After downloading with Archive manager I noticed that there was a file in /tmp and one in /home.  I went to "Home" and clicked on "install.sh" and chose "Run" but that did not work.  I then clicked on "Run in Terminal", that did not work either.

 

I then went to #3 in hollowface's Tutorial( http://www.bleepingcomputer.com/forums/t/578679/sophos-antivirus-for-linux/ ) as he said to do, and ran: sudo ~/sophos-av/install.sh  This worked to install Sophos.

 

I now tried to configure the GUI with sudo /opt/sophos-av/bin/savsetup  as suggested by hollowface but could not get it to work.

 

I will post this to show that on-access scanning is running: sudo /opt/sophos-av/bin/savdstatus

 

chris@chris-Aspire-3000 ~ $ sudo /opt/sophos-av/bin/savdstatus
[sudo] password for chris:
Sophos Anti-Virus is active and on-access scanning is running
chris@chris-Aspire-3000 ~ $


Don't really know what on-acess scanning is yet.
 


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


BC AdBot (Login to Remove)

 


m

#2 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 25 June 2015 - 01:23 AM

Am also interested as to how well this plays with apparmor?


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#3 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,889 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:01:29 AM

Posted 25 June 2015 - 01:50 AM

Am also interested as to how well this plays with apparmor?

 

I also have AppArmor & ESET for Linux Desktop 4, evidently they play well together, so I don't see why Sophos wouldn't. 

 

Being that I don't have Sophos installed yet on a Linux OS, I can't address your issue as to why the GUI doesn't work. I was going to install it on one, but have been doing a few reinstalls on relative's computers & yesterday, one of my own. Seems like every time that I see some free time & feel up to doing anything, something comes up. 

 

I'll likely install Sophos in my Mint 17.1 Cinnamon VM. That will give me some experience w/out breaking a real install. VM's are easy to backup, copy over to an external & copy back when needed. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#4 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 25 June 2015 - 03:01 AM

cat, I thought I read that Sophos did not play well with VM's, maybe you should look it up before trying it out.

 

Good to know Apparmor works with ESET, I'm guessing that it plays well with other av's, hoping more will share their experiences.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#5 Al1000

Al1000

  • Global Moderator
  • 6,705 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:06:29 AM

Posted 25 June 2015 - 03:07 AM

AppArmor restricts whatever applications it has an active profile for, and is not an anti-virus application. So there's no reason why it should interfere with or otherwise affect any anti-virus applications.

Edited by Al1000, 25 June 2015 - 03:07 AM.


#6 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 25 June 2015 - 03:40 AM

Good point Al, thanks.  I need to start a topic on Apparmor as I can't understand the documentation on it to create profiles.  All I want to do is create one for Silverlight/Pipelight if anyone thinks that would be a good thing.  Perhaps it would interfere with Pipelight I don't know.  I have read that sometimes the Silverlight Directory/File (I forget which) will get infected, but, that it's usually contained there.  I will keep looking into it and see if I can do it myself but have not been able to so far.  This documentation was not meant for beginners.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#7 Guest_hollowface_*

Guest_hollowface_*

  • Guests
  • OFFLINE
  •  

Posted 25 June 2015 - 04:19 PM

I now tried to configure the GUI with sudo /opt/sophos-av/bin/savsetup


Did you get any error messages? You should get a terminal output like this:
Welcome to Sophos Anti-Virus interactive configuration


[1] Auto-updating configuration
[2] Sophos Anti-Virus GUI configuration
[q] Quit
What do you want to do? [1]
>


#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,889 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA

Posted 25 June 2015 - 10:15 PM

AppArmor restricts whatever applications it has an active profile for, and is not an anti-virus application. So there's no reason why it should interfere with or otherwise affect any anti-virus applications.

 

That's good to know, Al. :thumbup2:

 

Now I have to research the issue that pcpunk brought up in Post #4, my plan was to test Sophos on a VM first & see how it runs, learn how to install/configure it, so on. VM's makes an excellent testing environment to try out new software or apps that we may not want to beta test on our physical installs, in addition to making several computers out of one workstation. 

 

This is one of the benefits to large corporations to having these, is with newer workstations, one person can perform the duties of 3 to 4 on older XP ones. The upgrade totally pays for itself & then some in the first year or two at the most. 

 

To the enthusiast home user, it allows one to run a wide range of VM's, actually having each for a specific purpose, like say one for household finance (paying bills & filing taxes), others for socializing and forum participation, and having others just to play with. That's my situation & why I needed to upgrade my PC's HDD capacity for VM's recently. 

 

I'm hopeful that the Sophos tool will work on VM's, just as physical machines. Most all other tools does. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 Guest_hollowface_*

Guest_hollowface_*

  • Guests
  • OFFLINE
  •  

Posted 25 June 2015 - 11:41 PM

@cat1092

 

I'm hopeful that the Sophos tool will work on VM's, just as physical machines.


Works fine in a VM for me. I'm using VMware Player 7.0.0 with ElementaryOS 0.3 as the guest.

#10 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 25 June 2015 - 11:45 PM

I did this tonight in Terminal  sudo /opt/sophos-av/bin/savsetup  and this is what I got:

 

 chris@chris-Aspire-3000 ~ $ sudo /opt/sophos-av/bin/savsetup

[sudo] password for chris:

Welcome to Sophos Anti-Virus interactive configuration

 

 

[1] Display update configuration

 

Configure primary update source:

[2] From Sophos

[3] From own server

 

Configure secondary update source:

[4] From Sophos

[5] From own server

 

[q] Quit

What do you want to do? [1]

> 2

 

Configuring primary update source to be Sophos.

Username for Sophos updates? [y]

>

 

Password for Sophos updates?

>

Do you need a proxy to access Sophos updates? Yes(Y)/No(N) [N]

>

 

[1] Display update configuration

 

Configure primary update source:

[2] From Sophos

[3] From own server

 

Configure secondary update source:

[4] From Sophos

[5] From own server

 

[q] Quit

What do you want to do? [1]

>


Edited by pcpunk, 25 June 2015 - 11:46 PM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#11 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida

Posted 25 June 2015 - 11:50 PM

 

AppArmor restricts whatever applications it has an active profile for, and is not an anti-virus application. So there's no reason why it should interfere with or otherwise affect any anti-virus applications.

 

That's good to know, Al. :thumbup2:

 

Now I have to research the issue that pcpunk brought up in Post #4,

 

Cat

 

That might have been an old article cat, I'm sure you looked it up by now but this is from Sophos:

https://www.sophos.com/en-us/support/knowledgebase/110507.aspx


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#12 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 26 June 2015 - 12:01 AM

I could not get it to work so I chose "1" to see  "[1] Display update configuration"  just in case this would help.  As you can see, I set up a Secondary update source out of frustration.

 

 

What do you want to do? [1]
> 1
 
Primary update source address = sophos:
Primary update cache path = /opt/sophos-av/update/cache/Primary
Primary update source username = y
Primary update source password = ********
Update period minute = 60
Secondary update source address = sophos:
Secondary update cache path = /opt/sophos-av/update/cache/Secondary
Secondary update source username = chris
Secondary update source password = ********

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#13 Guest_hollowface_*

Guest_hollowface_*

  • Guests
  • OFFLINE
  •  

Posted 26 June 2015 - 12:15 AM

I'm not sure why it's not listing the menu entry for configuring the GUI, but you can't very well configure it if it's not going to let you, lol. If you open your browser, and visit "http://localhost:8081" I don't suppose the GUI shows up?


Edited by hollowface, 26 June 2015 - 12:17 AM.


#14 pcpunk

pcpunk
  • Topic Starter

  • Members
  • 5,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:29 AM

Posted 26 June 2015 - 12:44 AM

No.  I'll do a search and see if I can sort it out.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#15 Guest_hollowface_*

Guest_hollowface_*

  • Guests
  • OFFLINE
  •  

Posted 26 June 2015 - 12:47 AM

Sorry I can't be of more assistance. I just haven't experienced this issue.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users