Sophos Github



Sophos


As I was going through the Lynis suggestions, I realized that I should install an anti-virus solution on my machine. After reading a couple of sites:

I decided to try out Sophos. I have used ClamAV in the past, but apparently its detection rate is now pretty low:

Installing Sophos

The instructions are covered in Installing the standalone version of SAV for Linux/UNIX and also in the Sophos Anti-Virus for Linux startup guide. I downloaded the archive (the Sophos Anti-Virus for Linux/UNIX: Installing the standalone version page has good screenshots of the process) and then I extracted the archive:


Now let’s do the install:

Also, as an FYI, it looks like the UI is no longer available for Sophos.

Compiling the Talpa Module

Initially the talpa module failed to compile:

I was missing the kernel source, so I installed that:

Re-running the compile worked out:

And now let’s load the module:

And to confirm it’s loaded:


Manually Updating Sophos

The update is configured to run every 60 minutes, but we can do one manually:

For good measure, let’s restart the service after the update:


I also double checked the services were enabled:

There are also a couple of services that are disabled (and I think that is okay):

Configuring Sophos Settings

You can check out the basic settings by running the following:

To get a full list you can run the following:

I enabled the option to be notified on an update:

By default the update period is 60 minutes, so I decided to change that to once a day:

Otherwise you will see this in the logs all the time (and if you enabled the option to be emailed on an update, you will get an email every 60 minutes):

Running a quick scan manually

You can run a quick scan manually to see how clean your system is:

Set up a schedule to scan weekly

This is covered in the Sophos Anti-Virus for Linux configuration guide and in Sophos Anti-Virus v9.x For Unix/Linux: Scheduled scan options. First create a folder for scheduled jobs:

Then copy the example to get started:


Modify the job to your needs:

And lastly add it to the config:


If you need to update it, first update the file (vi /opt/sophos-av/etc/jobs/weekly) and then update the config

To always get a summary of the scheduled savscan, you can set the following option (as per Sophos Anti-Virus for Linux/Unix v9: Complete list of email alert settings):

That should be it, enjoy Sophos.