Checking Web Traffic

SpIDer Gate scans HTTP traffic and blocks malicious objects. HTTP is used by browsers, download managers, and other applications which work with the internet. SpIDer Gate can check data transmitted over cryptographic protocols, such as HTTPS. For that, enable the Scan encrypted traffic option in the Network section.

By default, SpIDer Gate filters non-recommended websites and websites known as infection sources. The information on such websites is also obtained from real-time data stored on Dr.Web cloud service.

SpIDer Gate automatically launches on Windows startup and resides in memory.

To enable or disable traffic scan and non-recommended websites filter

1.Open Dr.Web menu , then select Security Center.

2.In the open window, click Files and Network tile.

3.Enable or disable SpIDer Gate by using the switcher .

Figure 42. Enabling/Disabling SpIDer Gate

In this section:

•Traffic and URLs in IM clients scan

•Blocking parameters

•Block programs

•Block unchecked and corrupted objects

•Check archives and installation packages

•Use system resources during the checks

•Traffic direction

See also:

•Exclude websites from scan

•Excluding applications from scanning

Traffic check options

The default SpIDer Gate settings are optimal for most cases. Do not change them unnecessarily.

To open SpIDer Gate parameters

1.Make sure Dr.Web operates in administrator mode (the lock at the bottom of the program window is open ). Otherwise, click the lock .

2.Click the SpIDer Gate tile. A component parameters window opens.

Figure 43. HTTP traffic check parameters

Traffic and URLs in IM clients scan

In the Scan options group, you can enable scanning of URLs and files transmitted by instant messaging clients, such as Mail.ru Agent, ICQ, and Jabber clients. Only incoming traffic is checked. By default, the option is enabled.

The following actions are applied to the found threats:

When SpIDer Gate scans URLs in messages, the websites and applications excluded from scan have an effect.

Blocking parameters

In the Blocking parameters group, you can enable automatic blocking of URLs listed due to a notice from copyright owners and blocking unreliable websites. For this, enable the corresponding option.

To allow access to necessary websites specify exclusions in the Exclusions group.

Block programs

To access this and following sections, click the Advanced settings link.

SpIDer Gate can block the following malware:

•Suspicious

•Riskware

•Dialers

•Hacktools

•Adware

•Jokes

To enable blocking of malware, click the Advanced settings link and enable the corresponding switchers in the Block programs group. By default, SpIDer Gate blocks suspicious programs, adware and dialers.

Block objects

SpIDer Gate can block unchecked and corrupted objects. By default, these settings are disabled. To open the settings, click the Advanced settings link.

Advanced settings

Scan archives and Scan installation packages. The settings are disabled by default.

Level of system resource consumption. In some cases Dr.Web cannot determine the final file size for example when loading the file. In this case, the file is sent for the scan in parts. It requires the use of computer resources. You can configure the resource use level and determine the frequency of sending files with unknown size. If you select a high resource use level, files will be sent more frequently and will be scanned faster. However, frequent scans increase processor load.

Traffic scan mode. By default, SpIDer Gate scans incoming traffic only. If necessary, you can select HTTP traffic type to scan.

During the traffic scanning, the SpIDer Gate parameters, the white list, and the list of applications excluded from scan have an effect.