Kaspersky Security Center Linux contains multiple binary modules in the form of dynamically linked libraries, executable files, configuration files, and interface files. Intruders can replace one or more executable modules or application files with other files containing malicious code. To prevent module and file substitution, Kaspersky Security Center Linux provides a component integrity check by using the klscmodchk and integrity_checker utilities. These utilities check modules and files for unauthorized changes or damage. If a module or application file has an incorrect checksum, it is considered damaged.
The klscmodchk utility performs integrity checks for the following Kaspersky Security Center Linux components:
The integrity_checker utility performs integrity checks for the following Kaspersky Security Center Linux components:
Both utilities check module integrity based on the kl_file_integrity_manifest.xml manifest file, which is part of the Kaspersky Security Center Linux build and is located in the installation folder. The component manifest file contains files whose integrity is important for the correct operation of the Kaspersky Security Center Linux component. The integrity of the manifest files themselves is also checked.
It is strongly not recommended to modify the kl_file_integrity_manifest.xml manifest file, as this will invalidate the digital signature and cause the integrity check to fail.
To check the integrity of the Kaspersky Security Center Linux component, run one of the following commands:
$ klscmodchk [parameters]The klscmodchk utility launches the integrity_checker utility with the --verbose parameter and checks the integrity of the modules.
Parameters for the klscmodchk utility:
-logfile <log_file_path>—Specify the path to a file on the disk for logging. By default, information is output to the console.-verbose—Output extended information during integrity checking.$ integrity_checker [parameters] <manifest_file_path>Parameters for the integrity_checker utility:
--help—Display the integrity_checker utility help.--version—Display the integrity_checker utility version.--verbose—Display information about the utility's operation. When performing an integrity check, it is sufficient to use this parameter in the command.The result of checking each manifest file is displayed next to the manifest file name in the following format: