Kaspersky Embedded Systems Security for Linux
3.3.0
English

Contents

Web Threat Protection

While the Web Threat Protection component is running, Kaspersky Embedded Systems Security scans inbound traffic and prevents downloads of malicious files from the Internet and also blocks phishing, adware, or other malicious websites.

The application scans HTTP, HTTPS, and FTP traffic. Also, the application scans websites and IP addresses. You can specify the network ports or network port ranges to be monitored.

To monitor HTTPS traffic, enable encrypted connection scans. To monitor FTP traffic, select the Monitor all network ports check box.

Web Threat Protection settings

Setting

Description

Enable Web Threat Protection

This check box enables or disables Web Threat Protection.

This check box is cleared by default.

Trusted web addresses

This group of settings contains the Configure button, which opens the Trusted web addresses window, where you can specify the list of trusted web addresses. Kaspersky Embedded Systems Security will not scan the contents of websites whose web addresses are included in this list.

Action on threat detection

Action that the application performs on a web resource where a dangerous object is detected:

  • Block access to all dangerous objects detected in web traffic, display a notification about the blocked access attempts, and log information about the dangerous objects (default value).
  • Inform the user when a dangerous object is detected in web traffic. Web Threat Protection allows this object to be downloaded to the device. At that, the application logs the information about the dangerous object and adds it to the list of active threats.

Scan settings

This group of settings contains the Configure button, which opens the Scan settings window, where you can configure the settings for scanning incoming traffic.

Page top

[Topic 234618]

Trusted web addresses window

In this window, you can add web addresses and web pages whose content you consider trusted.

You can only add HTTP/HTTPS web addresses to the list of trusted web addresses. You can use masks to specify web addresses. Masks are not supported to specify IP addresses. By default, the list is empty.

When creating an address mask, use an asterisk (*) as a placeholder for one or more characters. If you enter the *abc* address mask, it is applied to all web resources that contain the "abc" sequence (for example, www.virus.com/download_virus/page_0-9abcdef.html). To include the asterisk in the address mask as a character, but not as a mask, enter the * character twice (for example, www.virus.com/**/page_0-9abcdef.html means www.virus.com/*/page_0-9abcdef.html).

You can add, edit, and remove web addresses on the list.

Clicking the Delete button removes the selected item from the table.

This button is available if at least one item is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Page top

[Topic 210555]

Web address window

In this window, you can add a web address or a web address mask to the list of trusted web addresses.

You can add only HTTP/HTTPS web addresses to the list of trusted web addresses. You can use masks to specify web addresses. Masks are not supported to specify IP addresses.

When creating an address mask, use an asterisk (*) as a placeholder for one or more characters. If you enter the *abc* address mask, it is applied to all web resources that contain the "abc" sequence (for example, www.virus.com/download_virus/page_0-9abcdef.html). To include the asterisk in the address mask as a character, but not as a mask, enter the * character twice (for example, www.virus.com/**/page_0-9abcdef.html means www.virus.com/*/page_0-9abcdef.html).

Page top
[Topic 202328]

Scan settings window

In this window, you can configure the settings for scanning incoming traffic during operation of the Web Threat Protection component.

Web Threat Protection settings

Setting

Description

Detect malicious objects

This check box enables or disables checking of links against the databases of malicious web addresses.

The check box is selected by default.

Detect phishing links

This check box enables or disables checking of links against the databases of phishing web addresses.

The check box is selected by default.

Use heuristic analysis for detecting phishing links

This check box enables or disables the use of heuristic analysis for detecting phishing links.

This check box is available if the Detect phishing links check box is selected, and is selected by default.

Detect adware

This check box enables or disables checking links against the databases of adware web addresses.

This check box is cleared by default.

Detect legitimate applications that may be used by hackers to harm devices or data

This check box enables or disables checking links against the databases of legitimate applications that can be used by hackers to harm devices or data.

This check box is cleared by default.

Page top

[Topic 210554]