SpIDer Guard

Top  Previous  Next

The component is included only in the distributions for GNU/Linux OS.

The Linux file system monitor SpIDer Guard is designed for monitoring file activity on GNU/Linux file system volumes. The component operates as a resident monitor and controls main file system events related to modification (file creation, opening, closing). When such event is intercepted, the monitor checks whether the file was modified and, if so, the module generates a task for the Dr.Web File Checker file checker component to scan the modified file by the Dr.Web Scanning Engine scanning engine.

Moreover, the file system monitor SpIDer Guard detects attempts to run programs from their executables files. If a program in an executable file is detected malicious during scanning, all processes started from this executable file will be forcibly terminated.

 

Details:

Operating Principles

Command Line Arguments

Configuration Parameters

File System Monitoring Setting

Building kernel module for SpIDer Guard