1. Installing and Updating Sophos
These instructions are primarily for people who want to install Sophos Anti-Virus onto their personal laptop and/or desktop. Please check with your local IT Support Staff about antivirus protection for college and departmental systems as local arrangements often apply, and installing the version intended for personal systems may cause problems.
A preconfigured installation package for Sophos for linux is available for installation onto personal laptops and desktops running Linux, together with some notes on installing and configuring the program. Limited additional support is available for Sophos on the Linux platform. For full information on configuring Sophos for Linux, please refer to the Sophos Anti-Virus for Linux documentation pages.
https://register.it.ox.ac.uk/software. Make a note of the location where you save or extract the downloaded file.
- Before starting, note that the Sophos install and uninstall scripts, as well as many of the utilities described in this document, need to be run as root. These instructions assume that you aren't logged on as root but are able to use the sudo command.
- If you have previously installed Sophos on your system you need to uninstall it
before you install the latest version. If you don't, configuration information such as
the credentials used to update Sophos will not be updated and automatic updating may
fail when these are updated in around November each year. Uninstalling Sophos is
usually done by running the command
- Make sure that you are connected to the internet when you install Sophos as the setup program needs to be able to download components as it installs.
- For a list of Linux versions that Sophos for Linux supports, see Sophos Anti-Virus for Linux: system requirements. Note that even where a kernel is not supported, Sophos may install and most functions will work fine. However, on-access scanning may not be available.
This section describes how to install Sophos once you have downloaded it from the OUCS Self-registration page.
After you have downloaded the file, open a command window and change to the directory
where you saved the download. First you need to decompress the package (you may have
chosen to do this as part of the download). On many systems you can do this using an
archive manager. Otherwise, using a terminal session, extract it using the command
tar -xzvf filename where you should replace filename with
the name of the file you downloaded. For example, at the time of writing the file is
called sophos75linux2013.tgz so the command would be
sophos75linux2013.tgz. This will decompress the package into the
Sophos is a 32bit application. If you are installing Sophos onto a 64bit linux system you may first need to install 32bit compatibility libraries, or you may see an error. On Ubuntu systems refer to the Sophos knowledgebase article Sophos Anti-Virus for Linux: Installation on Ubuntu 64-bit fails with "python not found" for details including the command line to install the libraries and resolve the problem.
The installation of Sophos onto your computer is an automatic process. Once you have started the installation please be patient and wait for it to complete. You are not required to help in this process. Once the install is complete you should see the following.
This is expected and normal. The GUI is disabled because a username and password are needed in order to configure the GUI. The GUI provides an easy way to carry out certain tasks such as stopping or starting the onaccess scanner, configuring exclusions and viewing the log. If you want the GUI you can enable it as described in the next section.
However, also keep an eye out for lines such as the ones shown outlined in red in the figure below. In this case the kernel isn't supported and the result is that on-acceess scanning is disabled. In other respects Sophos will work fine, so it will update automatically, and you can run manual or scheduled scans. Given the relatively low number of viruses specific to the linux platform, running a regular manual scan may be all that you need.
Sophos options can be configured via the command-line but if you prefer a graphical method of configuring many of the options, you can enable the GUI. There are a couple of ways of doing this, one of which is given below.
Start the configuration by running the command
/opt/sophos-av/bin/savsetup. Follow the prompts to enable the GUI. You will
be prompted for a username and password and you should make sure you set a strong
password. By default the GUI uses port 8081 but if this port is already in use the
configuration program will suggest an alternative. The picture below shows the sequence
You should see the line outlined in red in the figure above if everything is successful. The word done that is shown on the right of this line in green shows that the GUI daemon was started successfully.
Once the GUI is enabled, you can access it by opening a web browser and connecting to
http://localhost:8081. This address assumes that you used port
number 8081 for the GUI when you enabled it. If you used a different port number, make
sure that you change the 8081 part of the address as neccessary.
The initial status screen shows some configuration details and status information.
Several additional tabs are available.
Control will allow you to stop and
start the onaccess scanner, while on the
Scanning tab you can set some
options relating to scanning such as what to do if a virus is found. You can exclude
files and folders from being scanned using the
Scanning tab, configure how
you are alerted about any viruses found using the
Alerting tab and view the
log using the
Log Viewer tab.When you access any of the configuration
pages, you will be prompted for the username and password that you set when you enabled
Once Sophos has successfully installed you can check that all is well by running the
sudo /opt/sophos-av/bin/savdstatus. This command doesn't tell
you when Sophos was last updated. Examining the logs using the GUI or by running
sudo /opt/sophos-av/bin/savlog will tell you more.
Sophos Anti-Virus uses a username and password to automatically download updates. These credentials are valid for around 14 months and expire around November each year. Once they have expired, Sophos will no longer be updated, and your computer will be more vulnerable to new viruses etc.
This normally only applies to Sophos installed onto personal laptops and desktops. On college or departmental systems, Sophos (or other antivirus software) is often managed by your local IT Support staff and you should check with them before making any changes.
To make sure that you keep your computer(s) up to date, you will need to download and install a new Sophos package in October each year. Please see the FAQ for more details on how to check when your installation(s) of Sophos will stop updating.
So long as the updating credentials are current, Sophos for Linux is preconfigured to automatically download and install updates to keep your defences against viruses, trojans and worms as up-to-date as possible. On networked computers, this occurs once on hour (this is shown as 60 minutes on the status page of the GUI screen).
To find out when the program last updated itself, you can view the log by running the
sudo /opt/sophos-av/bin/savlog. Alternatively, if you have
enabled the GUI, you can use this to check the last update time.
If you encounter any problems there is a Frequently Asked Questions (FAQ) web page with answers to some of the most common issues that people encounter.