Installing Sophos Anti-Virus for Linux

Free of charge
Sophos Antivirus for Linux free edition is a completely free product for personal use.

Download the package here

User registration is required to download it.

# tar zxvf sav-linux-free-9.tgz
# ./sophos-av/install.sh

Sophos Anti-Virus
=================
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.

Welcome to the Sophos Anti-Virus installer. Sophos Anti-Virus contains an on-
access scanner, an on-demand command-line scanner, the Sophos Anti-Virus  daemon,
and the Sophos Anti-Virus GUI.

On-access scanner Scans files as they are accessed, and grants access
to only those that are threat-free.
On-demand scanner Scans the computer, or parts of the computer,
immediately.
Sophos Anti-Virus daemon Background process that provides control, logging,
and email alerting for Sophos Anti-Virus.
Sophos Anti-Virus GUI User interface accessed through a web browser.

Press to display Licence. Then press to scroll forward.

Do you accept the licence? Yes(Y)/No(N) [N]
> Y

Where do you want to install Sophos Anti-Virus? [/opt/sophos-av]
> 

Do you want to enable on-access scanning? Yes(Y)/No(N) [Y]
> 

Sophos recommends that you configure Sophos Anti-Virus to auto-update.

It can update either from Sophos directly (requiring username/password details)
or from your own server (directory or website (possibly requiring
username/password)).

Which type of auto-updating do you want? From Sophos(s)/From own  server(o)/None(n) [s]
> 

Updating directly from Sophos.
Do you wish to install the Free (f) or Supported (s) version of SAV for Linux? [s]
> f

The Free version of Sophos Anti-Virus for Linux comes with no support.
Forums are available for our free tools at http://openforum.sophos.com/
Do you need a proxy to access Sophos updates? Yes(Y)/No(N) [N]
> 

Fetching free update credentials.
Installing Sophos Anti-Virus....
Selecting appropriate kernel support...
When Sophos Anti-Virus starts, it updates itself to try to find a Sophos kernel  interface module update. This might cause a significant delay.
Sophos Anti-Virus starts after installation.
Starting Sophos Anti-Virus daemon: [ OK ]

Installation completed.
On-access scanning not available. It was not possible to obtain or build suitable  kernel support because kernel headers are not installed.

Checking the log

# /opt/sophos-av/bin/savlog
Time Category Event
Sun 06 Sep 2015 08:42:38 AM JST: savd.daemon Sophos Anti-Virus daemon started.
Sun 06 Sep 2015 08:42:53 AM JST: talpa.startup Unable to load Talpa modules.

Updating

# /opt/sophos-av/bin/savupdate
Updating from versions - SAV: 9.10.0, Engine: 3.60.0, Data: 5.15
Updating Sophos Anti-Virus....
Updating Talpa Binary Packs
Updating SAVScan on-demand scanner
Updating Virus Engine and Data
Updating Talpa Kernel Support
Updating Manifest
Selecting appropriate kernel support...
Update completed.
Successfully updated Sophos Anti-Virus from sdds:SOPHOS
Updated to versions - SAV: 9.10.0, Engine: 3.61.0, Data: 5.18

Checking the log

# /opt/sophos-av/bin/savlog
Time Category Event
Sun 06 Sep 2015 08:42:38 AM JST: savd.daemon Sophos Anti-Virus daemon started.
Sun 06 Sep 2015 08:42:53 AM JST: talpa.startup Unable to load Talpa modules.
Sun 06 Sep 2015 08:59:39 AM JST: update.updated Updating from versions - SAV: 9.10.0, Engine: 3.60.0, Data: 5.15
Sun 06 Sep 2015 08:59:39 AM JST: update.updated Updating Sophos Anti-Virus....
Updating Talpa Binary Packs
Updating SAVScan on-demand scanner
Updating Virus Engine and Data
Updating Talpa Kernel Support
Updating Manifest
Selecting appropriate kernel support...
Update completed.

Checking the status

# /opt/sophos-av/bin/savdstatus
Sophos Anti-Virus is active and on-access scanning is running
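
The installer output and the first savlog above report that the Talpa modules could not be loaded, while savdstatus after the update reports on-access scanning as running. The following added example (not part of the original post and not Sophos code) summarises both outputs in one line, treating savdstatus as the current state and the log line as history. The function name onaccess_state, the OK/NO_ONACCESS labels and the STATUS_BAD wording are assumptions.

```shell
#!/bin/sh
# Added example (not Sophos code): summarise on-access state from the text that
# savdstatus and savlog print. Function name and output labels are assumptions.

# onaccess_state STATUS_TEXT LOG_TEXT -> prints one summary line
onaccess_state() {
    status_text=$1
    log_text=$2
    # Timestamp of the most recent Talpa load failure recorded in the log, if any.
    talpa_ts=$(printf '%s\n' "$log_text" |
        sed -n 's/^\(.*\): talpa\.startup Unable to load Talpa modules.*$/\1/p' |
        tail -n 1)
    case $status_text in
        *"on-access scanning is running"*)
            # savdstatus is the current state; a failure line may predate an update.
            if [ -n "$talpa_ts" ]; then
                echo "OK earlier_talpa_failure=$talpa_ts"
            else
                echo "OK"
            fi ;;
        *)
            if [ -n "$talpa_ts" ]; then
                echo "NO_ONACCESS talpa_failure=$talpa_ts"
            else
                echo "NO_ONACCESS"
            fi ;;
    esac
}

# Sample inputs. SAMPLE_LOG and STATUS_OK are copied from this page; STATUS_BAD is
# constructed wording for the degraded case (assumption).
SAMPLE_LOG='Sun 06 Sep 2015 08:42:38 AM JST: savd.daemon Sophos Anti-Virus daemon started.
Sun 06 Sep 2015 08:42:53 AM JST: talpa.startup Unable to load Talpa modules.'
STATUS_OK='Sophos Anti-Virus is active and on-access scanning is running'
STATUS_BAD='Sophos Anti-Virus is active but on-access scanning is not running'

onaccess_state "$STATUS_OK" "$SAMPLE_LOG"
onaccess_state "$STATUS_BAD" "$SAMPLE_LOG"

# On a host with the install path used on this page, report the live state as well.
SAV_BIN=/opt/sophos-av/bin
if [ -x "$SAV_BIN/savdstatus" ] && [ -x "$SAV_BIN/savlog" ]; then
    onaccess_state "$("$SAV_BIN/savdstatus")" "$("$SAV_BIN/savlog")"
fi
```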

Verifying operation

# wget http://files.trendmicro.com/products/eicar-file/eicar.com
--2015-09-06 09:11:32-- http://files.trendmicro.com/products/eicar-file/eicar.com
Resolving files.trendmicro.com... 61.194.99.195, 61.194.99.178
Connecting to files.trendmicro.com|61.194.99.195|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [text/plain]
Saving to: “eicar.com”

100%[======================================>] 68 --.-K/s in 0s 

2015-09-06 09:11:35 (3.09 MB/s) - “eicar.com” saved [68/68]

********************** Sophos Anti-Virus Alert *********************** 
Threat "EICAR-AV-Test" detected in file
"/export/home/work/eicar.com".

The file is still infected

**********************************************************************