SpIDer Guard
The Linux file system monitor SpIDer Guard is designed for monitoring file activity on GNU/Linux file system volumes. The module operates in daemon mode and monitors the main file system events related to file modification (file creation, opening, closing). When such an event is intercepted, the monitor checks whether the file was modified and, if so, generates a task for the Dr.Web File Checker component to initiate scanning of the modified file by the Dr.Web Scanning Engine. In addition, SpIDer Guard detects attempts to run programs from their executable files. If the program in an executable file is detected as malicious, all processes started from this executable file are forcibly terminated.
Details: