General Settings; Alerts - F-SECURE LINUX SECURITY Manual

62 | F-Secure Linux Security | Using the Product

General Settings

Alerts

The kernel module verification protects the system against rootkits by preventing unknown
kernel modules from loading. When the kernel module verification is on, only those kernel
modules that are listed in the known files list and which have not been modified can be loaded.
If the kernel module verification is set to
unknown or modified kernel module is loaded but does not prevent it from loading.
2. Turn Write protect kernel memory
Kernel memory write-protection protects the /dev/kmem file against write attempts. A
running kernel cannot be directly modified through the device. If the write protection is set to
Report only, the product sends an alert when it detects a write attempt to /dev/kmem file,
but it does not prevent the write operation.
3. Specify Allowed kernel module
Specified programs are allowed to load kernel modules when the kernel module verification
is on. By default, the list contains the most common module loaders. If the Linux system you
use uses some other module loaders, add them to the list. Type each entry on a new line,
only one entry per line.
In general settings, you can configure alerting and automatic virus definition database updates
and view the product information.
On the Alerts page, you can read and delete alert messages.
Alert Severity Levels
Alerts are divided into severity levels.
Severity Level
Informational
Warning
Report only, the product sends an alert when an
on or off.
loaders.
Syslog priority
info
warning
Description
Normal operating
information from the host.
A warning from the host.
For example, an error
when trying to read a file.