Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 17107 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AntiVirus on Linux: "On-access scanning not running"

TiBike

Hi,

First time using Sophos AV on Linux (used it on XP before, but looks a bit different there).
 
Anyway, when I look at the GUI at http://localhost:8081/ , next to the shield it says "On-access scanning: Active". Also the date when it was "Last updated" is today. All fine .

But when I run /opt/sophos-av/bin/savdstatus in a terminal window, the response is "Sophos Anti-Virus is active but on-access scanning is not running"
 
Can anyone explain why it says "on-access scanning is not running"? Is it a problem (sounds like it), and if so how do I fix it?

It's a standalone PC, running Linux Mint 16 Xfce and Sophos 9.5.2

Many thanks

:49902


This thread was automatically locked due to age.
  • 0

    Hi,

    Frist, On-access scanning is the scanning as you access files, so open then for reading or close them after writing.

    I guess the first thing to do is work out if on-access is actually working or not. 

    # /opt/sophos-av/bin/savlog -100 

    See if there are lines in the log says on-access is enabled.

    # lsmod | grep talpa

    See if there are any talpa modules loaded.

    Finally you can download eicar.com and see if it is detected.

    :49922
  • 0


    Thanks, I get it - it is enabled, but unless I'm accessing a file at the samne moment as I do savdstatus then the scanning's not actually "running"?

    I checked the savlog as you suggest. It shows scanning is enabled every time I boot up and disabled every time I shutdown. And, as I say, the GUI says  "On-access scanning: Active".

    Thanks for the eicar tip too - didn't know about that. Will try it when I've got email to root@localhost sorted, but that's another story :smileyhappy:

    :49946
  • 0

    You can change the email address that messages go to.

    # /opt/sophos-av/bin/savconfig set Email example@example.com

    :49982
  • 0

    Thanks. But am I right that I'd still need to setup a SMTP server? Although at least that way there'd be no extra setup on the email application to receive localhost stuff.

    :50156
  • 0

    You can point to any email server with the EmailServer configuration option. The default is localhost. The email server needs to accept unencrypted unauthenticated connections and deliver from the from address specified and to the receipient address(es) specified.

    # /opt/sophos-av/bin/savconfig set EmailServer <email-server>

    :50242