Checking the integrity of modules by using the klscmodchk and integrity_checker utilities

Kaspersky Security Center Linux contains multiple binary modules in the form of dynamically linked libraries, executable files, configuration files, and interface files. Intruders can replace one or more executable modules or application files with other files containing malicious code. To prevent module and file substitution, Kaspersky Security Center Linux provides a component integrity check by using the klscmodchk and integrity_checker utilities. These utilities check modules and files for unauthorized changes or damage. If a module or application file has an incorrect checksum, it is considered damaged.

The klscmodchk utility performs integrity checks for the following Kaspersky Security Center Linux components:

The integrity_checker utility performs integrity checks for the following Kaspersky Security Center Linux components:

Both utilities check module integrity based on the kl_file_integrity_manifest.xml manifest file, which is part of the Kaspersky Security Center Linux build and is located in the installation folder. The component manifest file contains files whose integrity is important for the correct operation of the Kaspersky Security Center Linux component. The integrity of the manifest files themselves is also checked.

It is strongly not recommended to modify the kl_file_integrity_manifest.xml manifest file, as this will invalidate the digital signature and cause the integrity check to fail.

To check the integrity of the Kaspersky Security Center Linux component, run one of the following commands:

The result of checking each manifest file is displayed next to the manifest file name in the following format:

We recommend running the integrity check utility from a certified CD to ensure the utility's integrity. When running from a CD, you must specify the full path to the manifest file in the Kaspersky Security Center Linux installation folder.

Page top