{"id":384,"date":"2018-01-06T03:20:21","date_gmt":"2018-01-06T03:20:21","guid":{"rendered":"https:\/\/mellowhost.com\/blog\/?p=384"},"modified":"2018-01-06T03:20:21","modified_gmt":"2018-01-06T03:20:21","slug":"linux-disable-on-access-scanning-on-sophos-av","status":"publish","type":"post","link":"https:\/\/mellowhost.com\/blog\/linux-disable-on-access-scanning-on-sophos-av.html","title":{"rendered":"Linux: Disable On-Access Scanning on Sophos AV"},"content":{"rendered":"<p>We use Sophos AV instead of ClamAV in couple of our linux servers. Sophos comes with on access scanning that uses a kernel module to trigger which file has been accessed unlike ClamAV which only come with signature and a basic scanning tool by default. It has it&#8217;s own benefit while drawbacks too. You have to give a certain amount of resources for Sophos. There are times, when you may require to disable the On Access Scanning on Sophos AV to diagnose different issues with the server.<\/p>\n<p>To disable on access scanning on sophos AV, run the following from your terminal\/ssh console:<\/p>\n<p><code>\/opt\/sophos-av\/bin\/savdctl disable<\/code><\/p>\n<p>To re-enable on access scanning on sophos AV, run the following:<\/p>\n<p><code>\/opt\/sophos-av\/bin\/savdctl enable<\/code><\/p>\n<p>Sophos log file is located here:<\/p>\n<p><code>\/opt\/sophos-av\/log<\/code><\/p>\n<p>Sophos comes with multiple control binaries. They can be found at the following directory:<\/p>\n<p><code>\/opt\/sophos-av\/bin<\/code><\/p>\n<p>You can find sophos binaries available at the man page too:<\/p>\n<p><code>man savdctl<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We use Sophos AV instead of ClamAV in couple of our linux servers. Sophos comes with on access scanning that uses a kernel module to trigger which file has been accessed unlike ClamAV which only come with signature and a basic scanning tool by default. It has it&#8217;s own benefit while drawbacks too. You have &hellip; <a href=\"https:\/\/mellowhost.com\/blog\/linux-disable-on-access-scanning-on-sophos-av.html\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Linux: Disable On-Access Scanning on Sophos AV&#8221;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[203,180,12,20,21,150,25],"tags":[205,206,208,207,204],"_links":{"self":[{"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/posts\/384"}],"collection":[{"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/comments?post=384"}],"version-history":[{"count":1,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/posts\/384\/revisions"}],"predecessor-version":[{"id":385,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/posts\/384\/revisions\/385"}],"wp:attachment":[{"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/media?parent=384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/categories?post=384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mellowhost.com\/blog\/wp-json\/wp\/v2\/tags?post=384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}