Protection settings window

Support

Support for business applications

Kaspersky Industrial CyberSecurity for Linux Nodes

Protection against remote malicious encryption

Configuring Anti-Cryptor in the Administration Console

Protection settings window

August 5, 2024

ID 275603

Protection settings

Setting	Description
Action on encryption detection	The action to be performed by Kaspersky Industrial CyberSecurity for Linux Nodes upon detecting malicious encryption: Inform user (default value). Kaspersky Industrial CyberSecurity for Linux Nodes does not block the device performing encryption; it only records in the event log an event about the detection of malicious encryption. Block the device that is performing encryption.
Block untrusted host for (min.)	In this field you can specify the untrusted device blocking duration in minutes. After the specified time is reached, Kaspersky Industrial CyberSecurity for Linux Nodes removes untrusted hosts from the list of blocked hosts. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts. If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking. Possible values: integers from 1 to 2147483647. Default value: 30.

Setting

Description

Action on encryption detection

The action to be performed by Kaspersky Industrial CyberSecurity for Linux Nodes upon detecting malicious encryption:

Inform user (default value). Kaspersky Industrial CyberSecurity for Linux Nodes does not block the device performing encryption; it only records in the event log an event about the detection of malicious encryption.
Block the device that is performing encryption.

Block untrusted host for (min.)

In this field you can specify the untrusted device blocking duration in minutes. After the specified time is reached, Kaspersky Industrial CyberSecurity for Linux Nodes removes untrusted hosts from the list of blocked hosts. The access of the host to network file resources is restored automatically, after it is deleted from the list of untrusted hosts.

If a compromised host is blocked and you change this setting value, the blocking time for this host will not change. The blocking time is not a dynamic value, and it is calculated at the moment of blocking.

Possible values: integers from 1 to 2147483647.

Default value: 30.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.