Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 36 replies
  • Subscribers 10 subscribers
  • Views 37567 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Please, help me PUA On-access detection in Sophos Linux

Henrique RJ

Hi

I have Sophos Free Linux in Kubuntu 14.04 and I necessited configure PUA on-access detect but I don't success to it ( I looked manual for savconfig in terminal ).

Any secret tip ?

Thanks



This thread was automatically locked due to age.
  • 0 in reply to QC

    QC said:
    Any secret tip
    The important question is: What is your scenario? Is this a Linux desktop and you want to be protected? Are yoi worrying that you might "pass something on"? Is this a file or web server accessed by non-Linux clients? Or a gateway?

    Christian

    Yes, it Linux desktop and I want to be protected.

  • 0 in reply to Henrique RJ

    Hello Henrique RJ,

    I see. There's AFAIK nothing that's categorized as Adware or PUA for Linux. The Linux biotope is different from the ones for Windows or OS X. As there are reputable repositories for all kinds of (open and free) software you're much less likely to install a something from somewhere.
    Having said that, browsing is the most likely cause for annoyance - but what could be caught by on-access scanning is mostly platform dependent and no problem on Linux.

    Christian

  • 0 in reply to QC

    But, Why Sophos detect phishings in Windows and not in Linux ?

  • 0 in reply to Henrique RJ

    Any hot tip ?

     

    oh come on people, I need one tweaking configuration for Sophos Linux to detect phishings, adwares, PUAs and miners in on-access ( the assinatures exists, it's downloaded every weeks, I look that ).

     

    thks

  • 0 in reply to Henrique RJ

    Hello Henrique RJ,

    why did you choose Linux as your desktop OS in the first place? No offence intended but wanting to tweak security software and being afraid of phishing does IMO not really fit together.

    Christian

  • 0 in reply to QC

    QC said:

    Hello Henrique RJ,

    why did you choose Linux as your desktop OS in the first place? No offence intended but wanting to tweak security software and being afraid of phishing does IMO not really fit together.

    Christian

     

     

    Christian

    Actually I considere Windows 10 extremally problematic.

    Look for this list in image:

    The select file is a " phis-clu.ide "

    It's a phishing assignature in the directory /opt/sophos-av/lib/sav/ downloaded in 27th may 2018

    Why Sophos AV Linux don't detect it ( on-access ) ?

    Who activate this detection in on-access ?

    That is a question.

    Thanks !!!

  • 0 in reply to Henrique RJ

    Hello Henrique RJ,

    Sophos AV Linux don't detect it
    doesn't detect which it? I'm not sure I understand what you expect. How can you tell what phis-clu.ide is supposed to detect? And how do you know that this detection is not activated? Do you have a sample that triggers Troj/Phish-CLU detection on Windows but not on Linux?

    Christian 

  • 0 in reply to QC

    QC said:

    Hello Henrique RJ,

    Sophos AV Linux don't detect it
    doesn't detect which it? I'm not sure I understand what you expect. How can you tell what phis-clu.ide is supposed to detect? And how do you know that this detection is not activated? Do you have a sample that triggers Troj/Phish-CLU detection on Windows but not on Linux?

    Christian 

     

     

    I tested others phishings sites ( by PhishTank ) detecteds for Sophos in VirusTotal anda in my Linux it don't detect.

    Example: www.virustotal.com/

  • 0 in reply to Henrique RJ

    Hello Henrique RJ,

    PhishTank deals with sites, On-Access scans files. As far as I can see the example site is blocked by Web Protection (which is not available on Linux) - the On-Access scanner and its detection items don't come into play here.

    Christian

Unfiltered HTML