About Kaspersky for Linux

Kaspersky for Linux ("the Kaspersky application" or "the application") is designed to protect devices running Linux operating systems against various types of threats, network attacks, and scams.

Before you start working with the application, we recommend familiarizing yourself with the basic methods of managing the application.

You can manage the Kaspersky application:

• Using management commands on the command line.
• Using the application interface.

To use the Kaspersky app, you need to have basic knowledge of Alt, RED OS, Ubuntu or Uncom (depending on which of these operating systems is installed on your device). We recommend familiarizing yourself with the official Linux documentation, which will introduce you to the basic principles of managing the operating system:

• Alt
• RED OS
• Ubuntu
• Uncom

The following functional components and tasks of the application provide the main functions of device protection and control:

• File Threat Protection prevents infection of the file system on the user device. The File Threat Protection component starts automatically when the Kaspersky application is launched and scans all files that are opened, saved, and started in real time.

  You can also scan protected devices on demand using the following scan tasks:

  • Malware Scan. The application scans for the presence of malware in file system objects located on local disks of the device, as well as mounted and shared resources, which are accessed via SMB and NFS protocols. You can use this task to perform a full or custom scan of the device.
  • Critical Areas Scan. The application scans boot sectors, startup objects, process memory, and kernel memory.
• Removable Drives Scan. The Removable Drives Scan component allows you to monitor the connection of media to the device in real time and scan removable media with its boot sectors for malware. The Kaspersky application can scan the following removable media: CDs, DVDs, Blu-ray discs, flash drives (including USB modems), external hard drives, and floppy disks.
• Web Threat Protection. The Web Threat Protection component allows you to scan inbound traffic, prevent downloads of malicious files from the Internet, and block phishing, adware, and other malicious websites. The Kaspersky application can scan encrypted connections.
• Behavior Detection. The Behavior Detection component allows you to monitor for any malicious activity from applications in the operating system. When malicious activity is detected, the Kaspersky application can terminate the process of the application that is performing malicious activity.

The Kaspersky application lets you detect infected objects and neutralize threats detected in them. For this, the application can use:

• Application databases to detect and disinfect infected files. During the scan process, the application analyzes each file for the presence of a threat: it compares the file code with the code of a specific threat and looks for possible matches.
• Kaspersky Security Network. The use of data from Kaspersky Security Network ensures faster responses by the Kaspersky application to various threats, improves the performance of some protection components, and reduces the likelihood of false positives.

Before disinfection or removal, the Kaspersky application saves backup copies of files in the Backup located on the device. If after disinfection, you partially or completely lose access to important information in a disinfected file, you can restore the file from the copy.

While performing scan tasks, the Kaspersky application can disinfect and delete files that are protected from modification: files with the 'immutable' and 'append-only' attributes and files in directories with the 'immutable' and 'append-only' attributes. Backup stores copies of these files that were created before disinfection or deletion. You can restore files from backup copies, if necessary. When scan tasks are completed, the 'immutable' and 'append-only' attributes of disinfected files are reset.

The Kaspersky application can operate in Notify-only mode. Notify-only mode is an operation mode for the application in which, if a threat is detected, application components and tasks do not attempt to disinfect or delete malicious objects, deny access or block the activity of applications. Instead, the application only informs the user about the detected threat.

To keep the application up to date, additional application functions are provided:

• Activating the application using an activation code.
• Updating the databases and application modules from Kaspersky update servers or from a user-specified source on schedule and on demand.
• User access control for the application functions according to the user roles.
• Notification of the administrator about events that occurred while the application was running.
• Integrity check of application components using the integrity check tool.

The Kaspersky application is available under a subscription. The application is included in the following subscription plans:

• Kaspersky Standard
• Kaspersky Plus
• Kaspersky Premium

A subscription plan is a subscription option that includes a specific set of applications and their features.

The Kaspersky Premium subscription plan is not available in all regions.

The set of features available in the Kaspersky application does not depend on the selected subscription plan.

Distribution kit

You can purchase the Kaspersky app in one of the following ways:

• On the Kaspersky website (http://www.kaspersky.com) or on the website of a Kaspersky partner.

  When you purchase an application on the website, you download the files required to install the application from the website or from the My Kaspersky portal.

• In the store of a Kaspersky partner.

  When you purchase the application from a Kaspersky partner, you receive an installation disk for or download the files needed to install the application from the My Kaspersky portal.

  When you purchase the application, you get a subscription to use the app. To manage your subscription, you must creating an account on the My Kaspersky portal.

The distribution kit of the Kaspersky application includes the following files:

• kfl-2.0.0-<build number>.x86_64.rpm.setup is the installation package for distributions that use the RPM format.

  Contains a distribution package with the main application files, a distribution package with files of the application interface, and an installation script.

  The package can be installed on 64-bit operating systems that use the corresponding package manager.

• kfl_2.0.0-<build number>_amd64.deb.setup is the installation package for distributions that use the DEB format.

  Contains a distribution package with the main application files, a distribution package with files of the application interface, and an installation script.

  The package can be installed on 64-bit operating systems that use the corresponding package manager.

• ksn_license.<language ID>.

  This file contains the text of the Statement on Kaspersky Security Network. After installing the application, you can find the Kaspersky Security Network Statement in the /opt/kaspersky/kfl/doc/ directory.

• license.<language ID>.

  This file contains the text of the End User License Agreement. The End User License Agreement specifies the terms for using the application. After installing the application, you can find the End User License Agreement in the /opt/kaspersky/kfl/doc/ directory.

Independently changing application files using means not described in the application documentation or not recommended by Technical Support specialists may lead to poor performance and failures in the application and operating system, reduced protection of your device, inaccessible and corrupted data, as well as enabling the sending of additional statistics to KSN.

Page top

Hardware and software requirements

Hardware requirements

The Kaspersky application has the following hardware requirements:

• Core 2 Duo 1.86 GHz or faster processor
• swap partition at least 1 GB
• 2 GB of RAM for 64-bit operating systems
• 4 GB of free hard disk space for installation of the application and storage of temporary and log files
• When using the application interface, the monitor must be able to display windows that are 1000 pixels wide and 600 pixels high (if screen scaling is used, these dimensions are also scaled)

Software requirements

To install the Kaspersky application, one of the following operating systems must be installed on the device:

• Alt 10 or later, 64-bit
• RED OS 7 or later, 64-bit
• Ubuntu 24.04 or later, 64-bit
• Uncom 2.3.5 or later, 64-bit

What's new

This version of the application introduces the following features and improvements:

• The application runs in the background.
• The application interface has been completely redesigned.
• The application activation functionality has been implemented.
• The following new features have been added:
  • Web Threat Protection.
  • Behavior Detection.
  • Custom Scan.
  • Critical Areas Scan.
  • Rollback.
  • Removable Drives Scan.

The Kaspersky application is updated by installing a new version of the application.