Operating Principles |
The SpIDer Gate component monitors network connections established by user applications. The component checks whether the server which the client application is trying to connect to belongs to any of the web resources categories specified in the settings as unwanted. Moreover, the component can refer to Dr.Web Cloud to check a URL. If the URL belongs to any of the unwanted categories (including that one which was returned by the request of Dr.Web Cloud) or to a black list defined by the system administrator, the connection is interrupted, and the HTML page, containing the message that the access is not allowed, is displayed (in case of HTTP/HTTPS connection). The HTML page is generated by SpIDer Gate according to the template supplied with the component. This page contains the notification that the access to requested resource is impossible and the details upon the block. The similar page is displayed and returned to the client if SpIDer Gate finds a threat that must be blocked. If the connection uses a protocol different from HTTP(S), the component scans only for permission to establish connection with this server. If it is determined that it is a mail protocol (SMTP, POP3 or IMAP), the component for scanning of email messages Dr.Web MailD is used for analysis of data and search for threats. This component independently sorts email messages and extracts from their bodies enclosed files and URLs. Given that, the component uses blocking parameters common with the component SpIDer Gate. Auxiliary component Dr.Web Firewall for Linux redirects connections with remote servers, which are established by the client applications. The component performs dynamic control of the NetFilter rules of GNU/Linux system component. The Dr.Web Updater component is used to regularly and automatically update the databases of web resource categories from Doctor Web update servers. The same component is used to update virus databases for the Dr.Web Scanning Engine scan engine. The Dr.Web CloudD component is used to refer to Dr.Web Cloud service (using of the cloud service is configured in Appendixes common settings and can be disabled, if necessary). To check transferred data, SpIDer Gate uses the Dr.Web Network Checker component. The latter one initiates scanning via the Dr.Web Scanning Engine scan engine. |