An antivirus scanner for Linux servers with Windows clients
Conclusions
Sophos has gotten many things right with its antivirus scanner for Linux: The tool runs unobtrusively in the background, and it only warns the user in case of an actual virus infection. On the downside, the program occupies more than 600MB on disk and takes a hefty swig of RAM: The two processes that make up the Sophos daemon need some 350MB of RAM even when idle.
To check the antivirus scanner's influence on the system's read and write performance, I copied the Linux kernel 4.0 source code on a Gigabit Ethernet LAN to a test computer with Debian 7.5 and SAV via SCP. Without antivirus protection, it took five minutes to transfer 52,000 files totaling 564MB. With the on-access scanner enabled, the copy time was almost twice this (Table 1). The additional hard disk access turned out to be the bottleneck; the CPU had more than enough resources during the file transfer process (Figure 5).
Table 1
Influence of the On-Access Scanner
Action | Duration (min) | Transfer rate (Mbps) | Compared (%) |
---|---|---|---|
Without On-Access Scanner |
|||
SCP receive |
4:57 |
15.18 |
100 |
SCP send |
6:23 |
11.77 |
100 |
With On-Access Scanner |
|||
SCP receive |
8:56 |
8.41 |
55.4 |
SCP send |
10:14 |
7.34 |
62.4 |
Who should install Sophos Anti-Virus for Linux? Sophos does not make any big promises for the product on its homepage: The program only looks for malware that targets Windows computers, Macs, and Android smartphones and tablets. The vendor does not say anything about malware for Linux; thus, the scanner targets users who want to safeguard Windows computers connected to a file server and keep their users from passing on files that are infected with malware. In this case, you will probably prefer to do without the power-hungry on-access scanner and investigate suspicious files as the need arises.
Infos
- Sophos Antivirus for Linux: https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx
- Eicar test file: http://www.eicar.org/86-0-Intended-use.html
- Sophos forum: http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Linux/ct-p/LinuxBasic
- SAV FAQs: https://www.sophos.com/en-us/support/knowledgebase/121880.aspx
- SAV startup guide: https://www.sophos.com/en-us/medialibrary/PDFs/documentation/savl_9_sgeng.pdf
- SAV configuration guide: http://www.sophos.com/en-us/medialibrary/PDFs/documentation/savl_9_cgeng.pdf
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.