Support

Support for business applications

Kaspersky Security for Virtualization 6.0 Light Agent

Checking the integrity of solution components

Kaspersky Security for Virtualization 6.0 Light Agent
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ: Download Forum Contact support Recovery tools

Checking the integrity of solution components

January 25, 2024

ID 262066

Kaspersky Security solution components contain many different binary modules in the form of dynamic-link libraries, executable files, configuration files, and interface files. A hacker may replace one or more solution modules or files with other modules or files containing malicious code. To prevent the replacement of solution modules and files, Kaspersky Security can check the integrity of solution files and modules. The solution scans files and modules for unauthorized changes or corruption. If a solution file or module has an incorrect checksum, it is considered corrupted.

The integrity of the files and modules of the following solution components is checked:

  • Protection Server
  • Integration Server
  • Integration Server Console
  • Light Agent for Linux (of the Kaspersky Endpoint Security for Linux application)
  • MMC plug-in for managing the Protection Server
  • MMC plug-in for managing Light Agent for Linux (Kaspersky Endpoint Security for Linux)

Special lists called manifest files are used to check the integrity of solution components. The manifest file for a solution component lists the files and modules whose integrity is critical for correct operation of the solution component. The manifest files are digitally signed and their integrity is checked as well.

The integrity of the components is checked using an integrity checker utility.

To run the integrity check utility on the SVM and on the virtual machine with Light Agent for Linux installed, the root account is required. An administrator account is required for running the integrity check utility for all other solution components.

For detailed information about checking the integrity of Light Agent for Linux and the Light Agent for Linux management MMC plug-in, see the Kaspersky Endpoint Security for Linux Help.

The integrity of the Protection Server, MMC plug-in for managing the Protection Server, Integration Server, and Integration Server Console is checked using integrity_check_tool, an integrity checking utility.

The manifest files and utility for checking the integrity of the Protection Server, MMC plug-in for managing the Protection Server, Integration Server, and Integration Server Console are located at the following paths:

  • Protection Server:
    • Combined manifest file for the Protection Server and Network Agent for Linux: /opt/kaspersky/la/bin/integrity_check.xml.
    • Protection Server manifest file: /opt/kaspersky/la/config/integrity.xml.
    • Network Agent for Linux manifest file: /opt/kaspersky/la/config/klnagent_integrity.xml.
    • Integrity check utility for the Protection Server and Network Agent for Linux: /opt/kaspersky/la/bin/integrity_check_tool.
  • Integration Server:
    • Manifest file: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky VIISLA\integrity_check.xml.
    • Integrity check utility: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky VIISLA\integrity_check_tool.exe.
  • Integration Server Console:
    • Manifest file: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky VIISLA Console\integrity_check.xml.
    • Integrity check utility: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky VIISLA Console\integrity_check_tool.exe.
  • MMC plug-in for managing the Protection Server:
    • Manifest file: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky Security Center\Plugins\ksvla5_2.svm.plg\integrity_check.xml.
    • Integrity check utility: %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky Security Center\Plugins\ksvla5_2.svm.plg\integrity_check_tool.exe.

To check the integrity of a solution component, execute one of the following commands to run the utility from the folder where the utility is located:

  • In Windows operating system:

    integrity_check_tool.exe -v[|--verify] -m[|--manifest] <path to the manifest file>

  • In Linux operating system:

    integrity_check_tool -v[|--verify] -m[|--manifest] <path to the manifest file>

where <path to manifest file> is the full path to the manifest file of the component.

You can run the utility with the following optional settings:

  • -V, --verbose – display additional information about successfully checked files and modules. If this setting is not specified, only the check result (succeeded/failed), information about errors and general check statistics are displayed.
  • -L, --log-file <file>, where <file> is the name of the file where the events that occurred during the scan are logged. By default, the events are sent to the standard stdout stream.
  • -l, --log-level <0-1000>, where <0-1000> is the verbosity level for events. The default verbosity level is 0.

You can view the description of all available integrity check utility options in the utility options help. To do this, run the utility with the -h [--help] setting.

The results of checking the integrity of solution components are displayed as follows:

  • SUCCEEDED – integrity of the files and modules is confirmed (return code 0).
  • FAILED – integrity of the files is not confirmed (return code is other than 0).

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.