Компонент anti cryptor kaspersky linux
Anti-Cryptor allows you to protect your files in local directories with network access by SMB/NFS protocols from remote malicious encryption.
While the Anti-Cryptor component is running, Kaspersky Endpoint Security scans remote devices calls to access the files located in the shared network directories of the protected device. If the application considers a remote device actions on network file resources to be malicious encrypting, this device is added to a list of untrusted devices and loses access to the shared network directories. The application does not consider activity to be malicious encryption if it is detected in the directories excluded from the protection scope of the Anti-Cryptor component.
This feature is not supported in the KESL container.
For the Anti-Cryptor component to operate correctly, at least one of the services (Samba or NFS) must be installed in the operating system. For the NFS service, the rpcbind package must be installed.
Anti-Cryptor operates correctly with the SMB1, SMB2, SMB3, NFS3, TCP/UDP, and IP/IPv6 protocols. Working with NFS2 and NFS4 protocols is not supported. It is recommended to configure your server settings so that the NFS2 and NFS4 protocols cannot be used to mount resources.
Anti-Cryptor does not block access to network file resources until the device activity is identified as malicious. So, at least one file will be encrypted before the application detects malicious activity.
Anti-Cryptor protection enabled / disabled
This toggle button enables or disables protection of files in the local directories with network access by SMB/NFS protocols from remote malicious encryption.
The toggle button is switched off by default.
Clicking the Configure protection scope link opens the Protection scopes window.
Untrusted hosts blocking enabled / disabled
This toggle button enables or disables untrusted hosts blocking.
The check toggle button is switched on by default.
Block untrusted host for (min)
In this field you can specify the untrusted host blocking duration in minutes. After the specified time, Kaspersky Endpoint Security removes the untrusted devices from the list of blocked devices. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts.
If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking.
Available values: integer from 1 to 4294967295.
Clicking the Configure exclusions link opens the Exclusion scopes window.
Clicking the Configure exclusions by mask link opens the Exclusions by mask window.
Компонент anti cryptor kaspersky linux
Anti-Cryptor allows you to protect your files in local directories with network access by SMB/NFS protocols from remote malicious encryption.
While the Anti-Cryptor component is running, Kaspersky Endpoint Security scans remote devices calls to access the files located in the shared network directories of the protected device. If the application considers a remote device actions on network file resources to be malicious encrypting, this device is added to a list of untrusted devices and loses access to the shared network directories. The application does not consider activity to be malicious encryption if it is detected in the directories excluded from the protection scope of the Anti-Cryptor component.
This feature is not supported in the KESL container.
For the Anti-Cryptor component to operate correctly, at least one of the services (Samba or NFS) must be installed in the operating system. For the NFS service, the rpcbind package must be installed.
Anti-Cryptor operates correctly with the SMB1, SMB2, SMB3, NFS3, TCP/UDP, and IP/IPv6 protocols. Working with NFS2 and NFS4 protocols is not supported. It is recommended to configure your server settings so that the NFS2 and NFS4 protocols cannot be used to mount resources.
Anti-Cryptor does not block access to network file resources until the device activity is identified as malicious. So, at least one file will be encrypted before the application detects malicious activity.
Anti-Cryptor protection enabled / disabled
This toggle button enables or disables protection of files in the local directories with network access by SMB/NFS protocols from remote malicious encryption.
The toggle button is switched off by default.
Clicking the Configure protection scope link opens the Protection scopes window.
Untrusted hosts blocking enabled / disabled
This toggle button enables or disables untrusted hosts blocking.
The check toggle button is switched on by default.
Block untrusted host for (min)
In this field you can specify the untrusted host blocking duration in minutes. After the specified time, Kaspersky Endpoint Security removes the untrusted devices from the list of blocked devices. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts.
If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking.
Available values: integer from 1 to 4294967295.
Clicking the Configure exclusions link opens the Exclusion scopes window.
Clicking the Configure exclusions by mask link opens the Exclusions by mask window.
Компонент anti cryptor kaspersky linux
The Anti-Cryptor task allows you to protect your files in the local directories with network access by SMB/NFS protocols from remote malicious encrypting.
While the Anti-Cryptor task is running, Kaspersky Endpoint Security scans remote computers’ calls to access files located in the shared network directories of the protected device. If the application considers a remote computer’s actions on network file resources to be malicious encrypting, then this computer is added to a list of untrusted hosts and loses access to the shared network directories.
Kaspersky Endpoint Security does not consider activity to be malicious encrypting if the detected encryption activity takes place in directories excluded from the scope of the Anti-Cryptor task.
By default, Kaspersky Endpoint Security blocks untrusted hosts’ access to network file resources for 30 minutes.
For the Anti-Cryptor task to perform correctly, at least one of the services (Samba or NFS) must be installed on the operating system. For the NFS service, the rpcbind package must be installed.
The Anti-Cryptor task runs correctly with SMB1, SMB2, SMB3, NFS3, TCP/UDP, and IP/IPv6 protocols. Working with NFS2 and NFS4 protocols is not supported. We recommend to configure your server settings so that NFS2 and NFS4 protocols could not be used to mount resources.
The Anti-Cryptor task does not block access to network file resources until the host’s activity is identified as malicious. So at least one file will be encrypted before the application detects a malicious activity.
Anti-Cryptor protection enabled / disabled
This toggle button enables or disables the protection of files in the local directories with network access by SMB/NFS protocols from remote malicious encrypting.
This toggle button is switched off by default.
Clicking the Configure scan scope link opens the Scan scope window.
Untrusted hosts blocking enabled / disabled
This toggle button enables or disables blocking of the untrusted devices.
This toggle button is switched on by default.
Block untrusted host for (min)
This field lets you specify the time to block an untrusted host (in minutes). After the specified time is reached, Kaspersky Endpoint Security removes untrusted hosts from the list of blocked hosts. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts.
If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking.
Available values: integer from 1 to 4294967295 .
Clicking the Configure exclusions link opens the Exclusions window.
Clicking the Configure exclusions by mask link opens the Exclusions by mask window.
Компонент anti cryptor kaspersky linux
The Anti-Cryptor task allows you to protect your files in the local directories with network access by SMB/NFS protocols from remote malicious encrypting.
While the Anti-Cryptor task is running, Kaspersky Endpoint Security scans remote computers’ calls to access files located in the shared network directories of the protected device. If the application considers a remote computer’s actions on network file resources to be malicious encrypting, then this computer is added to a list of untrusted hosts and loses access to the shared network directories.
Kaspersky Endpoint Security does not consider activity to be malicious encrypting if the detected encryption activity takes place in directories excluded from the scope of the Anti-Cryptor task.
By default, Kaspersky Endpoint Security blocks untrusted hosts’ access to network file resources for 30 minutes.
For the Anti-Cryptor task to perform correctly, at least one of the services (Samba or NFS) must be installed on the operating system. For the NFS service, the rpcbind package must be installed.
The Anti-Cryptor task runs correctly with SMB1, SMB2, SMB3, NFS3, TCP/UDP, and IP/IPv6 protocols. Working with NFS2 and NFS4 protocols is not supported. We recommend to configure your server settings so that NFS2 and NFS4 protocols could not be used to mount resources.
The Anti-Cryptor task does not block access to network file resources until the host’s activity is identified as malicious. So at least one file will be encrypted before the application detects a malicious activity.
Anti-Cryptor protection enabled / disabled
This toggle button enables or disables the protection of files in the local directories with network access by SMB/NFS protocols from remote malicious encrypting.
This toggle button is switched off by default.
Clicking the Configure scan scope link opens the Scan scope window.
Untrusted hosts blocking enabled / disabled
This toggle button enables or disables blocking of the untrusted devices.
This toggle button is switched on by default.
Block untrusted host for (min)
This field lets you specify the time to block an untrusted host (in minutes). After the specified time is reached, Kaspersky Endpoint Security removes untrusted hosts from the list of blocked hosts. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts.
If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking.
Available values: integer from 1 to 4294967295 .
Clicking the Configure exclusions link opens the Exclusions window.
Clicking the Configure exclusions by mask link opens the Exclusions by mask window.