Sophos Anti-Virus for Linux


Depending on the architecture and location of your computer the Computing Centre recommends different variants of the Sophos. Therefore there are two different installation packages which on their part are available for 32-bit as well as 64-bit-architectures.
  • In case your computer is located on campus, you should install either the "savinstpkg_x86.tar.gz" (32 Bit) or "savinstpkg_x64.tar.gz" (64 Bit) package. The up-to-date virus signatures and software versions are then downloaded from the server every hour. In addition, the so called "Remote Management System (RMS)" is installed, which sends sophos status information to a server at the computing centre. This allows an early detection of security threats to the campus network. RMS forwards exclusively relevant properties of your computer to the server, for example your IP-address, the NETBIOS-name, your Sophos-Anti-Virus version, the date of the last scan and any findings of malicious software. RMS does not transmit any personal data of the user! 
    In case you are still concerned about the data protection regulations, you can alternatively install the package for computers located off-campus. It does not contain the RMS component and will not transfer any information about your PC.
  • In case your computer is located off-campus, e.g. at home, you should install the "savinstpkg_x86_ext.tar.gz" (32 Bit) or the "savinstpkg_x64_ext.tar.gz" (64 Bit), respectively. In this version, Sophos will also download the up to date virus signatures and software versions on an hourly basis. The "Remote Management System (RMS)" will not be installed.
You can only download the installation packages of Sophos Antivirus
  • anonymously within the campus network, 
  • over an existing vpn-connection or
  • with a valid user-ID (your stu- or su-account and the respective password).
A download is not possible anonymously off-campus. 
This is ensure compliance with the license regulations. 
Operating System with RMS without RMS
Linux 32-bit savinstpkg_x86.tar.gz savinstpkg_x86_ext.tar.gz
Linux 64-bit  savinstpkg_x64.tar.gz savinstpkg_x64_ext.tar.gz

Installing Sophos

Sophos can be installed using the packages provided by the computing centre. There are different packages which are all installed in the same way. To find out which one you need please consider the above part of this guide.
Download the package you need onto your computer.
From now on you need to work using root-level privileges:
Open terminal window and change to the directory where the package you downloaded is located. Unpack it using the following command:

 tar -xzvf %Package Name%


After unpacking, execute the following command:



Provide your stu- or su-account and the corresponding password when asked. University staff needs to use the email password granting access to the university's HERMES-mailserver. Please keep in mind that linux will probably not show any characters when typing in your password in the terminal window.

Keeping Sophos up to date

Sophos updates its virus definitions automatically in the background by default. However, if you want to update manually, you can do so by executing /opt/sophos-av/bin/savupdate. You may need root-level privileges to do so.

Scanning for viruses using savscan

Scan your data for viruses using savscan. If you wish to see a list of possible options, use the command savscan -h. You can also get detailed information on using savscan by viewing its man-page or the Sophos Configuration Guide.

Activating the web configuration interface

By starting /opt/sophos-av/bin/savsetup using root-level privileges you are able to configure Sophos and activate the web configuration interface. To do so, you have to choose the second option and follow the instructions provided. After successfully activating the interface, it can be reached under http://localhost:8081 (by default).

Sophos documentation