Enabling differential feeds

Kaspersky CyberTrace supports using differential versions of Kaspersky Threat Data Feeds. For more information about differential feeds and how they are downloaded, see subsection "Downloading differential feeds" of the "Working with feeds" section.

Differential versions are similar to regular feeds, but have different IDs. These IDs are stored in additional configuration files included in the distribution kit and are located in the following directories:

Location of additional configuration files

To enable downloading of differential feeds after installation, perform the following steps immediately after you install Kaspersky CyberTrace:

1. Stop Kaspersky CyberTrace Service.
2. Rename the kl_feed_util.conf file (for example, to kl_feed_util.conf.0).
3. Rename the kl_feed_info.conf file (for example, to kl_feed_info.conf.0).
4. Rename kl_feed_util_diff.conf to kl_feed_util.conf.
5. Specify accepted in the Settings > EULA section of kl_feed_util.conf.
6. Rename kl_feed_info_diff.conf to kl_feed_info.conf.
7. Start Kaspersky CyberTrace Service.
8. Perform the post-installation configuration.

To enable downloading of differential feeds after an update, perform the following steps immediately after you update Kaspersky CyberTrace:

1. Stop Kaspersky CyberTrace Service.
2. Make a copy of the kl_feed_util.conf file, and then rename the copy (for example, to kl_feed_util.conf.0).
3. In the Settings > Feeds > Feed element of the kl_feed_util.conf file, change the old Feed IDs to the new ones according to the table below.
4. Make a copy of the kl_feed_info.conf file, and then rename the copy (for example, to kl_feed_info.conf.0).
5. In the kl_feed_info.conf file, change the old Feed IDs to the new ones according to the table below.
6. Start Kaspersky CyberTrace Service.

   Feed IDs

   Feed	Old ID (no diff)	New ID
   Botnet C&C URL	65	152
   Phishing URL	59	153
   Malicious URL	64	154