Kaspersky Embedded Systems Security for Linux

Kaspersky Embedded Systems Security for Linux

Print Support Send link

Contents

Scan settings section (System Integrity Check)
- Add scan scope window

Scan settings section (System Integrity Check)

System Integrity Check task settings

Setting	Description
Rebuild baseline on each task start	This check box enables or disables the rebuilding of the system baseline every time the System Integrity Check task is started. This check box is cleared by default.
Use hash for monitoring (SHA-256)	This check box enables or disables use of the SHA-256 hash for the System Integrity Check task. SHA-256 is a cryptographic hash function that produces a 256-bit hash value. The 256-bit hash value is represented as a sequence of 64 hexadecimal digits. This check box is cleared by default.
Track directories in monitoring scopes	This check box enables or disables checking of the specified directories while the System Integrity Check task is running. This check box is cleared by default.
Track last file access time	This check box enables or disables the tracking of file access time while the System Integrity Check task is running. This check box is cleared by default.
Monitoring scopes	The table that contains the monitoring scopes scanned by the task. By default, the table contains the Kaspersky internal objects (/opt/kaspersky/kess/) monitoring scope. You can add, configure, delete, move up, or move down monitoring scopes in the table. Clicking the Move down button moves the selected item down in the table. Kaspersky Embedded Systems Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table. This button is available if a scope is selected in the table. Clicking the Move up button moves the selected item up in the table. Kaspersky Embedded Systems Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table. This button is available if a scope is selected in the table. Clicking the Delete button excludes the selected scope from scans. This button is available if at least one scan scope is selected in the table. Clicking the scan scope name opens the <Scan scope name> window. In this window, you can modify the settings of the selected scan scope. Clicking the Add button opens the <New scan scope> window. In this window, you can define a new scan scope.

Add scan scope window

In this window, you can add or configure the monitoring scope for the System Integrity Check task.

Monitoring scope settings

Setting	Description
Scan scope name	Field for entering the monitoring scope name. This name will be displayed in the table in the Scan settings section. The entry field must not be blank.
Use this scope	This check box enables or disables scans of this scope by the application. If this check box is selected, the application controls this monitoring scope during the application's operation. If this check box is cleared, the application does not control this monitoring scope during the operation. You can later include this scope in the component settings by selecting the check box. The check box is selected by default.
File system, access protocol and path	Entry field for the path to the local directory that you want to include in the monitoring scope. You can use masks to specify the path. You can use the `` (asterisk) character to create a file or directory name mask. You can indicate a single `` character to represent any set of characters (including an empty set) preceding the `/` character in the file or directory name. For example, `/dir//file` or `/dir///file`. You can indicate two consecutive `` characters to represent any set of characters (including an empty set and the `/` character) in the file or directory name. For example, `/dir/*/file/` or `/dir/file/`. The `` mask can be used only once in a directory name. For example, `/dir///file` is an incorrect mask. You can use a single `?` character to represent any one character in the file or directory name. The field must not be blank. The / path is specified by default – the application scans all directories of the local file system.
Masks	The list contains name masks for the objects that the application scans. By default the list contains the * mask (all objects). You can add, edit, or delete masks. Clicking the Delete button removes the selected item from the table. This button is available if at least one item is selected in the table. The selected element's settings are changed in a separate window. Clicking the Add button opens a window where you can specify the new item settings.