Monitoring of Network Connections

 Top  Previous  Next

Continuous control of established network connections is performed by SpIDer Gate. It restricts access to websites added to user black lists or marked as unwanted for visiting. In addition, SpIDer Gate checks sent and received email messages and files being downloaded from the Internet and blocks them if a threat is detected.

The Dr.Web for Linux allows to configure SpIDer Gate, namely:

Start and stop the network connection monitor.

View the number of checked and blocked objects and attempts to access websites

Configure the following parameters of network connection monitoring:

List of websites access to which is restricted

Personal black and white lists of websites

Parameters of checking files downloaded from the Internet or transmitted via email.

Managing Operation of the Network Connection Monitor

You can start and stop the network connection monitor SpIDer Gate and view statistics on its operation on the special page of Dr.Web for Linux. To access the page, click the SpIDer Gate button on the main page.

Figure 29. SpIDer Gate management page

On the page for monitoring management, the following information is displayed:

State of the network connection monitor SpIDer Gate (enabled or disabled) and details on errors if they occurred during the component operation.

Monitoring statistics:

Average speed of scanning of email messages and files downloaded from the Internet.

Number of checked objects (email messages, files downloaded from the Internet and URLs).

Number of blocked attempts to access websites and malicious objects

To enable monitoring, if disabled, click the Enable button. To disable monitoring, if enabled, click the Disable button.

To disable the monitoring of network connections, the application must operate with elevated permissions. Refer to Managing Application Privileges section.

 

The option to enable and disable SpIDer Gate network connection monitor when Dr.Web for Linux is operating under the central protection server can be blocked if disabled by the server.

State of the network connection monitor SpIDer Gate (enabled or disabled) is indicated as follows:

SpIDer Gate is enabled and is controlling network connections (and also email and Internet access).

SpIDer Gate is not controlling network connections (access to websites is not restricted, email messages and downloaded files are not checked) because either the user disabled the component or an error occurred.

If a mail client runs in the system (such mail client as Mozilla Thunderbird) that uses the IMAP protocol to receive email messages, it is necessary to restart it after enabling SpIDer Gate to provide the scanning of incoming email messages.

 

Even if transmission of files and email messages is not controlled by SpIDer Gate, their threats can be detected by the enabled file system monitor SpIDer Guard at the moment of their saving by the mail client to the local file system.

To close the page, go to another page by using the buttons in the pane.

Operation Settings of the Network Connection Monitor

Operation setting of the network connection monitor SpIDer Gate is performed in the settings window:

On the SpIDer Gate page, you can specify the list of blocked website categories and reaction to detected threats.

On the Exclusions page, configure the black and white lists of websites and exclude application network activity from monitoring.

On the Network tab—managing of check of protected connections (SSL/TLS).

Issues in the Operation of the Network Connection Monitor

If an error occurs in operation of the network connection monitor, the management page displays the error message. To solve the problem, refer to the description of known errors in Appendix D. Known Errors section.