General info about SSL Protocol
Kaspersky Internet Security 2011 can scan network traffic for viruses using the SSL protocol.
SSL Protocol (Secure Socket Layer) allows detecting the server authenticity via browser and also provides encrypted "personal" connection channel between user computer and the server. This protocol is widely used both for web-servers and mail servers. Gmail is a vivid example of such mail server.
SSL connection protects data exchange channel in the Internet. The SSL protocol allows identifying the sides which exchange data based on electronic certificates, encrypts the transferred data and provides data integrity when transferring.
These protocol peculiarities are often misused by cyber-criminals to spread Malware as most anti-virus products do not check SSL-traffic.
Kaspersky Lab experts recommendations
Kaspersky Lab experts recommend checking SSL-traffic if you are on a suspicious web-resource and when you navigate to another page data transfer by SSL-connection starts. Most probably a malicious program is being transferred by the encrypted protocol.
To scan encrypted connection Kaspersky Internet Security 2011 substitutes the required security certificate by the self-signed certificate.
Sometimes the programs that establish connection, refuse accepting this self-signed certificate and as a result do not establish connection. Kaspersky Lab's experts recommend disable check of SSL-traffic:
- when connecting to trusted web-resource, for example with the web-page of your bank on which you manage your personal account. In this case it is important to get authenticity confirmation of the bank certificate.
- if the program which establishes connection checks the certificate of the required web-resource without dialog with the user. For example, the program MSN Messenger when establishing secure connection with the server, checks authenticity of the Microsoft Corporation digital signature.
How to configure encrypted connections scan in Kaspersky Internet Security 2011?
For Kaspersky Internet Security 2011 to scan encrypted connections on your computer, perform the following:
- open the main application window
- in the right upper corner of the main application window, click the Settings link
- in the left upper corner of the Settings window, go to Advanced Settings
- in the left part of the Settings window, select Network
- in the right part of the Settings window in the section Encrypted connections scan, check the box Scan encrypted connections
- in case if the option is enabled for the first time, the Wizard will apper
- if the Wizard has not appeared, click the Install certificate button, if you want to install the Kaspersky Lab certificate as the root certificate. Follow the Configuration Wizard instructions to install the Kaspersky Lab certificate. Later traffic scan by SSL protocol will be processed using installed Kaspersky Lab's certificate.
- in the Settings window, click OK
- close the main application window.
Certificate is installed automatically only if you use Microsoft Internet Explorer, Mozilla Firefox or Google Chrome. To scan encrypted connections in the browser Opera, you have to install Kaspersky Lab certificate manually.