Kaspersky Security for Mac can scan network traffic for viruses using the SSL protocol.
SSL Protocol (Secure Socket Layer) allows detecting the server authenticity via browser and also provides encrypted “personal” connection channel between user computer and the server. This protocol is widely used both for web-servers and mail servers. Gmail is a vivid example of such mail server.
SSL connection protects data exchange channel in the Internet. The SSL protocol allows identifying the sides which exchange data based on electronic certificates, encrypts the transferred data and provides data integrity when transferring.
These protocol peculiarities are often misused by cyber-criminals to spread Malware as most anti-virus products do not check SSL-traffic.
Kaspersky Lab's experts recommend checking SSL-traffic if you are on a suspicious web-resource and when you navigate to another page data transfer by SSL-connection starts. Most probably a malicious program is being transferred by the encrypted protocol.
To scan encrypted connection Kaspersky Security for Mac substitutes the required security certificate by the self-signed certificate.
Sometimes the programs that establish connection, refuse accepting this self-signed certificate and as a result do not establish connection. Kaspersky Lab's experts recommend disable check of SSL-traffic:
- when connecting to trusted web-resource, for example with the web-page of your bank on which you manage your personal account. In this case it is important to get authenticity confirmation of the bank certificate.
- if the program which establishes connection checks the certificate of the required web-resource without dialog with the user. For example, the program MSN Messenger when establishing secure connection with the server, checks authenticity of the Microsoft Corporation digital signature.
How to enable/ disable scan of encrypted connections
If you need Kaspersky Security for Mac to scan/ not to scan encrypted connections on your computer, do the following:
Open the main program window.
- On the lower part of the main window click the Web Anti-Virus button.
- In the Web Anti-Virus section check/clear the box Scan secure connections (HTTPS).
- Once the changes are made, you are recommended to lock the program to prevent unauthorized access to program settings.
- Close the main window.