Jump to content

How to test KSWS Anti-Cryptor module [Kaspersky Security for Windows Server]

Recommended Posts

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Step-by-step guide

  1. Install KSWS and make sure the Anti-Cryptor protection component running and its Work Mode is Active.

  2. Install AESCrypt on a remote host.

  3. Try to encrypt the files on a network share protected by KSWS.
  4. Enter a password.
  5. As encryption starts, Anti-Cryptor detects it and blocks remote user's session. In KSWS 11, by default, the application blocks a host's access to network file resources for 30 minutes.
  6. The following attempts to access shared folder will fail. 
  7. KSWS logs attempts to encrypt the data.

  8. The attacker host appears in the Blocked host storage now.
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...