Overview
Several methods can be used to test whether the Sophos Home detection features are working correctly. You can run these tests from any Sophos Home computer.
The following sections are covered:
- On-demand and on-access scanning
- Web protection and web control
- Host intrusion prevention system (HIPS)
- Malicious Traffic Detection (MTD)
Note: All the files and links in this article are completely harmless. They are designed to make the anti-virus software treat them as if they were a virus; a successful test results in a detection.
On-demand and on-access scanning
The EICAR test string is not a virus; it is an industry-standard detection test. Sophos Anti-Virus will report its presence as the EICAR-AV-Test virus.
- Download the EICAR files from the EICAR website.
- If you download the zip version, decompress it to trigger a detection.
- For eicar.com and eicar.txt files, Sophos Home will trigger the following detections:
If the on-access scanner is enabled and functioning correctly, you should see a detection.
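The same on-access check can be scripted. The following is an added example, not Sophos code: it writes the EICAR string to a temporary file and infers from the file system's reaction whether an on-access scanner intercepted it. The function name, file name, timeout and result labels are assumptions, and it does not query Sophos Home itself.

```python
import os
import tempfile
import time

# Standard 68-byte EICAR test string, assembled from two parts so that this
# script is not itself flagged when it is saved to disk.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         + "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*").encode("ascii")


def probe_on_access(directory=None, wait_seconds=5.0, poll=0.5):
    """Drop an EICAR file and watch what happens to it (hypothetical helper).

    Returns 'blocked' if the write or a later read is denied, 'removed' if
    the file disappears or its content changes, 'not_detected' if it is
    still intact after wait_seconds (an assumed timeout).
    """
    directory = directory or tempfile.gettempdir()
    path = os.path.join(directory, "eicar_probe_%d.com" % os.getpid())
    try:
        try:
            with open(path, "wb") as fh:
                fh.write(EICAR)
        except PermissionError:
            return "blocked"          # scanner refused the write
        deadline = time.monotonic() + wait_seconds
        while True:
            try:
                with open(path, "rb") as fh:
                    if fh.read() != EICAR:
                        return "removed"   # cleaned or truncated in place
            except FileNotFoundError:
                return "removed"           # deleted or quarantined
            except PermissionError:
                return "blocked"           # scanner denies access to the file
            if time.monotonic() >= deadline:
                return "not_detected"
            time.sleep(poll)
    finally:
        try:
            os.remove(path)                # clean up if the file survived
        except OSError:
            pass


if __name__ == "__main__":
    print(probe_on_access())
```

A result of not_detected on a protected computer means the on-access scanner did not react within the timeout, so check that it is enabled and that the temporary folder is not excluded.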
Web protection and web control
Use the Sophos Web Security and Control Test Site by SophosLabs to test the Sophos web protection and web control functionality.
- Select the Malware option to test if web protection is operating correctly. This will display a blocked page and a balloon alert on the system tray.
- To confirm whether web control is functioning, click the other options on the page to test the different category classifications.
Host intrusion prevention system (HIPS)
Go to the Sophos Web Security and Control Test Site by SophosLabs and download the Sophos HIPS Test Files. This will trigger the following detection (if you downloaded the zip file, please decompress it):
Malicious traffic detection (MTD)
To test the MTD feature, do the following:
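- Copy and paste the following into Notepad or any other text editor:
' Create an HTTP client object
set o = createobject("MSXML2.XMLHTTP")
' Send a synchronous GET request to the test URL (rnd appends a random number)
o.open "GET", "http://sophostest.com/mtdtest/2/" & rnd, FALSE
o.send
- Save the file as mtd.vbs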
- Double-click the file to trigger a detection.
- If the MTD feature is active, you will receive a C2/generic-B detection on the endpoint.
Related Information
- How to temporarily disable Sophos Home to troubleshoot issues
- Setting scan exceptions
- Adding Local exclusions - Disabling Exploit Mitigation
- Excluding a file or application from Machine Learning detection
- Sophos Home blocks access to specific websites