Jump to content
whoisrich

Anti-Cryptor Protection Scope [In progress]

Recommended Posts

Setting up a central policy for file servers with "Kaspersky Security 10 for Windows Server".

There is an anti-crypto section, where you can choose "Only specified shared folders", then "Add protection scope".

 

The inclusions seems to allow both a local drive path "C:\Folder\Shared" and UNC paths like "\\SERVER\ShareName".

 

- Are both valid and would work?

- With a local path, will it protect host CNAME and all share names for that folder?

- With a UNC path, will it protect host CNAME and all share names for the folder under that path?

- Are the entries cAsE SenSitiVe?

- Is there a recommended way to trigger the protection in order to test the settings are working?

 

Regards,

Rich.

 

Share this post


Link to post

If you want to test protection on fileshares, I can recommend to download the (free) tool 'AEC Crypt'.

Install it on a client then right click on a folder on a shared drive and select Encrypt.

When I tested, I managed to encrypt 5 files before protection kicked in - then connection was dropped and the 5 files were restored automatically and the client was denied access to the file server for X amount of minutes.

Quite brilliant :-)

 

Share this post


Link to post

Unless I am missing something obvious, that link does not answer any of my questions.

Also the Administrator Guide PDF does not cover my questions.

 

Please see attached screenshot for the setting in question.

 

- How does Kaspersky match the paths to the server?

- Do these paths support wildcard matching or it do partial matching? ( \\SERVER\Share\* etc )

post-109848-1497620126.png

Edited by whoisrich

Share this post


Link to post
Unless I am missing something obvious, that link does not answer any of my questions.

Also the Administrator Guide PDF does not cover my questions.

 

Please see attached screenshot for the setting in question.

 

- How does Kaspersky match the paths to the server?

- Do these paths support wildcard matching or it do partial matching? ( \\SERVER\Share\* etc )

Hello,

 

You should use local paths there, not UNC paths. Also, if you have the latest public patch installed (http://support.kaspersky.ru/13463), it does support mask symbols in the path.

 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.