How Can I Install and Run Sophos on Linux

supernewb

Hello,
I'm very new to Linux (and have had a hard time so far) so my problem is just ignorance.
I have downloaded Sophos for Linux, confirmed that it is in my Download folder with "find sav-linux--free-9.tgz"
then tried to install it using: "apt install sav-linux etc" but it comes up with "E: Unable to locate package sav-linux-free etc"

Any ideas what I'm doing wrong?

Many thanks in anticipation

Moodynewb :confused:
 


ok, just looking at the essence of your post: apt suggests you have a Debian-based distro, and Sophos is software.

If i downloaded, say, somesoftware.tgz into Downloads and opened up a terminal, then the manual install would be something like

install command /path/to/software

so probably:

apt install /home/username/Downloads/package.tgz


basically, when you open up a terminal window, bash is, as far as the file structure is concerned, at ~, i.e. home

so either cd to where the package is and:

apt install pkg.tgz

or from ~ install using the full path



if, on the other hand, Sophos is in your distro repo, then it would be something like
apt install Sophos
 
My distro doesn't install tgz. I would need to uncompress it first.

OP, what distro are you using?
 
yes, i thought that odd. tgz? that is either slackware, or unpack and the old way

./configure
make
make install
 
Is there a "Read me" which is included in that download?
If so, it may be worth reading. ¯\_(ツ)_/¯
 
How sure are you that you want any Anti Virus on your computer at all?

I have used Linux Mint for 5 years or thereabouts with no AV at all....with no dramas/problems at all

I do ensure that my browser is secure.....if anything is going to make inroads it will be via a browser.

Give some thought to going without an AV.

I think you will find that only the seriously paranoid here use one.....The vast majority will more than likely spend time making sure their browser is secure, and run with no AV

Welcome to the freedom of Linux.
 
Typically an apt installed .deb is not presented inside of a .tgz file. So follow what Alexzee recommended.

And I agree with Condobloke about the need for a Linux AV. I've said it before, and again, an AV in Linux is a waste of CPU cycles.
 
Is there a "Read me" which is included in that download?
If so, it may be worth reading. ¯\_(ツ)_/¯

nice thought, but no - only an install script and a handful of packages.

(wizard appears in a puff of smoke, finds himself covered in tar. crap - there goes another robe)

g'day @supernewb and welcome to linux.org :) .

you are the OP (original poster), and could you answer that question on what distro are you using?

notwithstanding that, with the possible exception of slackware, all tarballs (tars) and zipped tars are handled in the same fashion, whether in debian-based, rpm-based and arch-based distros, and that is NOT with usual package management tools of apt/apt-get (debian), dnf/yum (rpm) nor pacman/yaourt/yay (arch)

alexzee's link in this case is the best, but has a modification i will add - use sudo before ./sophos-av/install.sh

back in a minute

chris turner
wizardfromoz
 
just catching up with input from @jglen490 ... our beams nearly crossed (ghostbusters)

So follow what Alexzee recommended.

better is to NOT install that package in that form. no offence, friend alexzee ;)

a. the installed result is terminal-based, not GUI
b. you will need a crash course in terminal commands just to run it
c. scan on demand is terminal based ... no right-click in file manager and test

and so on

there is likely a GUI frontend for sophos around, i haven't looked

but i am right with brian (condo) and jglen ... 6 years no av, no hiccups - see my signature

cheers all and

avagudweegend

chris turner
wizardfromoz

btw - and i run over 60 linux the same way
 
if i was going to go for any anti-virus, first choice would be clamav, which i have installed on slackware. Use of it in the past has not been so much to scan my Linux box but to help stop a virus on a usb stick, picked up at an internet cafe, from infecting family Windows laptops. It has successfully picked up and removed viruses from usb sticks, external hard drives etc. Clamav should be readily available via the distro repo
 
I used clamav the other day and to my surprise it returned back saying 1 infected file after a full 3 hour scan starting from root and recursively scanning every directory. i used the command

clamscan -r /

the problem was that although it told me 1 file was infected it didn't tell me which file it was or where it was or any more details about the infection. it did not say if it quarantined the file or anything. I did realise after the scan there were more options to do actions on an infected file.

my question is do i have to rescan the whole computer or is there a way for me to find out which file was infected?
 
ok well there are basic options i'll play with scanning a usb stick & post back

first got a test virus and put it onto a 4gig usb stick https://www.ikarussecurity.com/wp-content/downloads/eicar_com.zip

usb stick was found to be mounted at : /run/media/andrew/9EA0-E584/

so i ran : bash-5.0# clamscan -v /run/media/andrew/9EA0-E584/

// -v is verbose mode see below



Scanning /run/media/andrew/9EA0-E584/eicar_com.zip
/run/media/andrew/9EA0-E584/eicar_com.zip: Eicar-Test-Signature FOUND
Scanning /run/media/andrew/9EA0-E584/eicar.com
/run/media/andrew/9EA0-E584/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 6744204
Engine version: 0.101.4
Scanned directories: 1
Scanned files: 8
Infected files: 2
Data scanned: 8.82 MB
Data read: 32.29 MB (ratio 0.27:1)
Time: 153.499 sec (2 m 33 s)


bash-5.0#
it told me it found two infected files plus everything it scanned; to see only infected files use -i flag

eg

bash-5.0# clamscan -i /run/media/andrew/9EA0-E584/
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/run/media/andrew/9EA0-E584/eicar_com.zip: Eicar-Test-Signature FOUND
/run/media/andrew/9EA0-E584/eicar.com: Eicar-Test-Signature FOUND








after getting info you can just manually check the suspected file. next i'm going to :

# clamscan -i --remove=yes /run/media/andrew/9EA0-E584/


yep that got rid of the test virus.


bash-5.0# clamscan -i --remove=yes /run/media/andrew/9EA0-E584/
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/run/media/andrew/9EA0-E584/eicar_com.zip: Eicar-Test-Signature FOUND
/run/media/andrew/9EA0-E584/eicar_com.zip: Removed.
/run/media/andrew/9EA0-E584/eicar.com: Eicar-Test-Signature FOUND
/run/media/andrew/9EA0-E584/eicar.com: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6744204
Engine version: 0.101.4
Scanned directories: 1
Scanned files: 3
Infected files: 2
Data scanned: 0.12 MB
Data read: 0.10 MB (ratio 1.24:1)
Time: 157.058 sec (2 m 37 s)
bash-5.0#









if you're scanning your system, maybe use the -i flag to get info, then go and check out the suspected file, maybe using find / locate to get exactly where it is.
 
afraid so; use the -i flag to give you info; this will still not remove. you could do that manually

i just put virus on my Desktop and used this syntax :

# clamscan -i /home/andrew/Desktop -r
bash-5.0# clamscan -i /home/andrew/Desktop -r
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/home/andrew/Desktop/eicar_com.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 6744204
Engine version: 0.101.4
Scanned directories: 521
Scanned files: 3211
Infected files: 1
Data scanned: 91.80 MB
Data read: 161.00 MB (ratio 0.57:1)
Time: 197.171 sec (3 m 17 s)
bash-5.0#
 
thanks for that captain! here's the output from that mammoth scan i did

Known viruses: 6799746
Engine version: 0.102.2
Scanned directories: 151860
Scanned files: 916038
Infected files: 1
Total errors: 23952
Data scanned: 70000.07 MB
Data read: 225881.70 MB (ratio 0.31:1)
Time: 21818.150 sec (363 m 38 s)

my guess is it's likely a torrent file i've downloaded but we will see!
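
The problem in the posts above (a multi-hour scan that reports "Infected files: 1" but leaves no record of which file) can be avoided by writing the scan to a log and reading the detections back from it. This is an added example, not part of any post in the thread; the function names are hypothetical and the sample log is constructed from the output shown above.

```sh
#!/bin/sh
# Added example: recover infected paths from a saved clamscan log.

# scan_to_log DIR LOGFILE
# Recursive scan that prints only infected files and writes a report to
# LOGFILE. clamscan exits 0 = clean, 1 = virus found, 2 = error.
scan_to_log() {
    clamscan -r -i --log="$2" "$1"
}

# infected_from_log LOGFILE
# Prints "path<TAB>signature" for each "<path>: <signature> FOUND" line.
infected_from_log() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        if (match($0, /: [^ ]+$/))
            print substr($0, 1, RSTART - 1) "\t" substr($0, RSTART + 2)
    }' "$1"
}

# log_is_consistent LOGFILE
# Succeeds when the number of FOUND lines equals "Infected files:" in the
# summary, i.e. no detection line is missing from the log (one scan per log).
log_is_consistent() {
    found=$(grep -c ' FOUND$' "$1" || true)
    reported=$(awk -F': ' '/^Infected files:/ { print $2 }' "$1")
    [ "$found" = "$reported" ]
}

# Constructed sample log, modelled on the output posted in this thread.
write_sample_log() {
    cat > "$1" <<'EOF'
/run/media/andrew/9EA0-E584/eicar_com.zip: Eicar-Test-Signature FOUND
/run/media/andrew/9EA0-E584/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 6744204
Engine version: 0.101.4
Scanned directories: 1
Scanned files: 8
Infected files: 2
EOF
}
```

With the log kept, the infected path can be looked up later without repeating the scan, and the file can then be checked or removed by hand as described above.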
 
i too cannot install sophos. Would be interested to hear what all of your thoughts are on the best virus protections available for linux? a lot of articles i've read seem to all be in favour of clamav but i am sure there are other decent virus/malware scanners which are good too!

I also installed clamtk which is the gui frontend for clamav, but it seems glitchy on my linux mint. it tells me it requires an update but it doesn't seem to want to update or be able to update itself
 
I have it running but I couldn't tell you how I got there. I remember it being a pain to install and Sophos had convoluted instructions. I think after I installed it didn't seem to be working but after a reboot it was indeed working.
 
Hello Everyone,
firstly thank you for so many replies, I will try and provide the information required by each helper.

1. For captain-sensible and arochester.
Distro is Linux Mint Cinnamon 19.3 'Tricia'

I'm thinking that "the bash" is the $ sign. Is that right?

2. For Alexzee
Pardon my ignorance but what does "untar the tar" mean?

3. For condobloke
I'm very much a belt and braces bloke and the laptop is a shared device. Even though we are fairly savvy, I don't want a dodgy e-mail infecting the laptop. Plus I have used Sophos a long time ago and it was good. Will try the suggestions and get back to you all.
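
"Untar the tar" means unpacking the downloaded .tgz with tar instead of handing it to apt. The sketch below is an added example, not part of any post in the thread: it lists the archive, refuses member names that would land outside the target directory, extracts as the normal user, and confirms that the installer mentioned earlier (sophos-av/install.sh) is present. The function names are hypothetical and the archive layout is assumed from the thread.

```sh
#!/bin/sh
# Added example (not from the thread): inspect a downloaded .tgz before
# running its installer with sudo. Function names are hypothetical.

# unsafe_members: reads member names on stdin, prints those that are
# absolute paths or contain a ".." component.
unsafe_members() {
    grep -E '(^/|(^|/)\.\.(/|$))' || true
}

# inspect_and_extract ARCHIVE DESTDIR INSTALLER
# Returns 0 and prints the installer path; 1 = unsafe names,
# 2 = tar failed, 3 = installer not found. It never runs the installer.
inspect_and_extract() {
    ie_names=$(tar -tzf "$1") || return 2
    ie_bad=$(printf '%s\n' "$ie_names" | unsafe_members)
    if [ -n "$ie_bad" ]; then
        printf 'refusing to extract, unsafe paths:\n%s\n' "$ie_bad" >&2
        return 1
    fi
    mkdir -p "$2" || return 2
    tar -xzf "$1" -C "$2" || return 2
    if [ ! -f "$2/$3" ]; then
        echo "no $3 in archive" >&2
        return 3
    fi
    printf '%s\n' "$2/$3"
}
```

Only once the printed installer path has been read through would it be run with sudo, as suggested earlier in the thread.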
 
Hello,
Sorry it has taken me so long to reply but I have only just found the 'Find Threads' button.
Thanks to everyone who has provided advice but I have found out that the version I downloaded does not have a GUI for Linux. As a result, I have decided to put installing an AV on hold. It might be a long hold...
 
At the end of the month, 30 June 2020, Debian 9 will have support from sophos, according to the website.
Another case of software dictating the OS!
 
