Malware Exclusions for CIDR ranges?

I have a quick question...

I work for a security firm that creates and tests malware. We use Sophos in order to detect malware we don't want on our network and it is fantastic, a little too fantastic. The question I have deals with transferring my malware between my VM, or any other computer on my network, and my Windows machine.

I want to keep on-demand scanning and download scanning, but I want to exclude specific CIDR ranges or internally networked IP addresses from being scanned. Is there a way to do this? Is it possible to tell Sophos to whitelist traffic for downloaded content that isn't necessarily on a remote share?

I went through the manual and didn't find much, so if all else fails I'm making a feature request.

I have exclusions set up so that Sophos will not scan specific folders containing malware. The problem that I am having is in the transfer of files to my local machine from, well, anywhere to those folders. It scans them as normal, which it should, but then my malware becomes quarantined every time, and it is only slightly annoying. But an IP exclusion list would be great.

Anyway that's my story. Let me know what you think. I'll entertain questions, so long as they are on topic.


This thread was automatically locked due to age.
  • Hey thx Christian, worked like a charm.

    A bypass of Sophos is not necessarily a bypass of some other heuristic- or signature-based solution, and vice versa. Some people have hardware-based solutions that are incredibly efficient, but still have their flaws.

    I'm not saying I'm the most amazing malware writer ever, but having my basic malware and "hacking tools" quarantined all the time was becoming a hassle. Not only for me, but for the rest of my team.

    Thanks for your answer. You Rock!
