Installing Sophos Antivirus for Linux Free Edition

Started by jkmsjq, 05 June 2015, 12:30


jkmsjq

For those who use Ubuntu Server at their company or home, are studying Networking and Network Security, or are simply paranoid about viruses in the GNU/Linux world, there is a good security application option: Sophos Antivirus for Linux Free Edition.

This tutorial, which I adapted, was originally posted by the user Holmes on the Manjaro Forum.

The step-by-step follows.

1) Download

Download the basic version of Sophos Antivirus for Linux Free Edition.

When the download finishes, extract the archive. In the graphical interface, just right-click the archive and select Extract Here, or do it from the command line. If you downloaded it to the Downloads folder of your Ubuntu, the full command is:

cd /home/seu_usuario/Downloads/
tar -xvf sav-linux-free-9.9.tgz


Where seu_usuario is the name of the user you use on your Ubuntu!


2) Installation

To install Sophos, type the following command inside the extracted Sophos folder:

sudo ./install.sh


Afterwards, it will ask you to choose the type of auto-update.
Select Sophos.

When asked for the version, select Free.

Quote:
It can update either from Sophos directly (requiring username/password details) or from your own server (directory or website (possibly requiring username/password)).

Which type of auto-updating do you want? From Sophos(s)/From own server(o)/None(n) (s)
> s

Do you wish to install the Free (f) or Supported (s) version of SAV for Linux? (s)
> f

3) How to use it?

To check the on-access scan status, do the following:

/opt/sophos-av/bin/savdstatus

Result:

jeison@jeison-Infoway:~$ /opt/sophos-av/bin/savdstatus
Sophos Anti-Virus is active



To start the on-access scan, run:

sudo service sav-protect start

Terminal output:

jeison@jeison-Infoway:~$ sudo service sav-protect start
start: Job is already running: sav-protect



To run an on-demand scan, proceed with:

savscan /

After the root folder of my Ubuntu was scanned, the result was:

jeison@jeison-Infoway:~$ savscan /
SAVScan virus detection utility
Version 5.12.0 [Linux/AMD64]
Virus data version 5.13, March 2015
Includes detection for 8899461 viruses, Trojans and worms
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.

System time 11:44:20, System date 05 June 2015

Warning: SWEEP messages loaded from default locale en_GB

Quick Scanning

Could not open /etc/init.d/sav-rms
Could not open /etc/init.d/sav-protect
Could not open /etc/init.d/sav-web
Could not open /etc/subgid-
Could not open /etc/NetworkManager/system-connections/Luiz Viana Helpinfo
Could not open /etc/NetworkManager/system-connections/CEEP_1
Could not open /etc/NetworkManager/system-connections/Jeison-Kertesz
Could not open /etc/NetworkManager/system-connections/CEEP
Could not open /etc/NetworkManager/system-connections/Luiz Viana
Could not open /etc/gshadow-
Could not open /etc/default/cacerts
Could not open /etc/ssl/private (errno is 13)
Could not open /etc/polkit-1/localauthority (errno is 13)
Could not open /etc/passwd-
Could not open /etc/shadow-
Could not open /etc/gshadow
Could not open /etc/sudoers.d/README
Could not open /etc/security/opasswd
Could not open /etc/shadow
Could not open /etc/group-
Could not open /etc/cups/ssl (errno is 13)
Could not open /etc/sudoers
Could not open /etc/ppp/chap-secrets
Could not open /etc/ppp/pap-secrets
Could not open /etc/subuid-
Could not open /vmlinuz
Could not open /var/cache/lightdm/dmrc (errno is 13)
Could not open /var/cache/ldconfig (errno is 13)
Could not open /var/cache/cups/job.cache.O
Could not open /var/cache/apt/archives/lock
Could not open /var/spool/cron/atjobs (errno is 13)
Could not open /var/spool/cron/crontabs (errno is 13)
Could not open /var/spool/cron/atspool (errno is 13)
Could not open /var/spool/rsyslog (errno is 13)
Could not open /var/spool/cups (errno is 13)
Could not open /var/lock/aptitude
Could not open /var/lock/whoopsie/lock
Could not open /var/lib/samba/winbindd_privileged (errno is 13)
Could not open /var/lib/lightdm (errno is 13)
Could not open /var/lib/sudo (errno is 13)
Could not open /var/lib/urandom/random-seed
Could not open /var/lib/polkit-1 (errno is 13)
Could not open /var/lib/ureadahead/pack
Could not open /var/lib/apt/lists/lock
Could not open /var/lib/dpkg/lock
Could not open /var/lib/dpkg/triggers/Lock
Could not open /var/lib/udisks2 (errno is 13)
Could not open /var/log/samba/cores (errno is 13)
Could not open /var/log/btmp
Could not open /var/log/installer/syslog
Could not open /var/log/installer/debug
Could not open /var/log/installer/version
Could not open /var/log/installer/partman
Could not open /var/log/speech-dispatcher (errno is 13)
Could not open /var/run/wpa_supplicant (errno is 13)
Could not open /var/run/udisks2 (errno is 13)
Could not open /var/run/lightdm (errno is 13)
Could not open /var/run/cups/certs (errno is 13)
Could not open /var/run/samba/winbindd_privileged (errno is 13)
Could not open /var/run/samba/ncalrpc/np (errno is 13)
Could not open /home/jeison/.cache/dconf (errno is 13)
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
Could not open /home/jeison/.config/enchant (errno is 13)
Could not open /home/jeison/.config/pulse/7a8574166aacb3b03c474f8554e3834d-runtime
Could not open /home/jeison/.mozilla/firefox/hip223b2.default-1402777301759/lock
Could not open /home/lost+found (errno is 13)
Could not open /root (errno is 13)
Could not open /usr/lib/cups/backend/serial
Could not open /usr/lib/cups/backend/gutenprint52+usb
Could not open /usr/lib/virtualbox/VBoxNetDHCP
Could not open /usr/lib/virtualbox/VBoxNetNAT
Could not open /usr/lib/virtualbox/VBoxNetAdpCtl
Could not open /usr/lib/virtualbox/VirtualBox
Could not open /usr/lib/virtualbox/VBoxHeadless
Could not open /usr/lib/virtualbox/VBoxVolInfo
Could not open /usr/lib/virtualbox/VBoxSDL
Could not open /usr/share/doc/google-chrome-stable (errno is 13)
Could not open /usr/local/bin/savscan
Could not open /usr/local/bin/sweep
Could not open /usr/local/etc/sav (errno is 13)
Could not open /lost+found (errno is 13)
Could not open /opt/sophos-av/uninstall.sh
Could not open /opt/sophos-av/lib (errno is 13)
Could not open /opt/sophos-av/bin (errno is 13)
Could not open /opt/sophos-av/etc/sophosav (errno is 13)
Could not open /opt/sophos-av/etc/free_version
Could not open /opt/sophos-av/doc (errno is 13)
Could not open /opt/sophos-av/log (errno is 13)
Could not open /opt/sophos-av/var (errno is 13)
Could not open /opt/sophos-av/uncdownload (errno is 13)
Could not open /opt/sophos-av/share (errno is 13)
Could not open /opt/sophos-av/talpa (errno is 13)
Could not open /opt/sophos-av/update (errno is 13)
Could not open /opt/sophos-av/include (errno is 13)
Could not open /opt/sophos-av/engine (errno is 13)
Could not open /opt/sophos-av/lib64 (errno is 13)
Could not open /opt/sophos-av/tmp (errno is 13)

61810 files scanned in 25 minutes and 53 seconds.
96 errors were encountered.
1 virus was discovered.
1 file out of 61810 was infected.
If you need further advice regarding any detections please visit our
Threat Center at: http://www.sophos.com/en-us/threat-center.aspx
End of Scan.
jeison@jeison-Infoway:~$ B


When it detects an affected file, Sophos denies access to the file and displays a pop-up notification. If that cannot be displayed, a command-line alert is shown.

Quote:
[...]
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
[...]
61810 files scanned in 25 minutes and 53 seconds.
96 errors were encountered.
1 virus was discovered.
1 file out of 61810 was infected.
[...]

And "have fun"...!!!  ;D ;D ;D

For anyone who wants to access Holmes's original post, click here.
LinuxUser: 548942 / Marking a topic as solved
"The truth is only aggressive to those who live on lies." Author unknown.
Twitter: @jeisonkertesz
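
Added example, not part of the original post: a small POSIX shell triage of savscan output in the format shown above, which lists detections and also the paths that could not be opened (errno 13 is EACCES, permission denied), since those files were not scanned. The function names are made up for this example and the sample lines are an excerpt of the output posted above.

```shell
#!/bin/sh
# Excerpt of the savscan output posted above (not a complete log).
sample_log() {
cat <<'EOF'
Could not open /etc/ssl/private (errno is 13)
Could not open /etc/shadow
Could not open /var/spool/cron/crontabs (errno is 13)
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
Could not open /root (errno is 13)
61810 files scanned in 25 minutes and 53 seconds.
96 errors were encountered.
1 virus was discovered.
EOF
}

# Print "threat<TAB>path" for every detection line read from stdin.
savscan_detections() {
    awk -v q="'" '/^>>> Virus / {
        line = $0
        sub("^>>> Virus " q, "", line)      # drop the fixed prefix and opening quote
        sep = q " found in file "
        i = index(line, sep)
        if (i) printf "%s\t%s\n", substr(line, 1, i - 1), substr(line, i + length(sep))
    }'
}

# Print every path savscan could not open, i.e. content that was NOT scanned.
savscan_unreadable() {
    awk '/^Could not open / {
        sub(/^Could not open /, "")
        sub(/ \(errno is [0-9]+\)$/, "")    # strip the optional errno suffix
        print
    }'
}

# One-line verdict: a scan with unreadable paths is incomplete, not clean.
savscan_triage() {
    log=$(cat)
    det=$(printf '%s\n' "$log" | savscan_detections | wc -l | tr -d ' ')
    gap=$(printf '%s\n' "$log" | savscan_unreadable | wc -l | tr -d ' ')
    if [ "$det" -gt 0 ]; then verdict=INFECTED
    elif [ "$gap" -gt 0 ]; then verdict=INCOMPLETE
    else verdict=CLEAN; fi
    printf 'detections=%s unreadable=%s verdict=%s\n' "$det" "$gap" "$verdict"
}

sample_log | savscan_triage
```

A saved scan log can be piped into savscan_triage in place of sample_log; an INCOMPLETE verdict means no detection was reported but some paths were never read.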

garfo

Garfo - linux
"Why complicate things? Ease and simplicity are everything!"

jkmsjq

Quote from: garfo on 05 June 2015, 12:48
Man, everything by command line...  :-\

I started the post by being very clear:

Quote from: jkmsjq on 05 June 2015, 12:30
For those who use Ubuntu Server at their company or home, are studying Networking and Network Security, or are simply paranoid about viruses in the GNU/Linux world,

Renan Rischiotto

#3
Cool!

Quote: Man, everything by command line...

GNU/Linux = Command line

Quote: For those who use Ubuntu Server at their company or home, are studying Networking and Network Security, or are simply paranoid about viruses in the GNU/Linux world

GNU/Linux is not perfect and can get viruses ;)

Purists and fanatics will go crazy in 3, 2, 1