Anti-tamper Hardening Option

Purpose

This article document shows how to enable “Anti-Tamper Hardening Option” for MetaDefender Kiosk during system configuration.

Solution

To set up “Anti-tamper hardening option” in MD Kiosk, please read through the following guidance for step-by-step instructions.

Setup ProgressDescription
Step 1Access to Kiosk Web Management Console
Step 2Choose "Configuration" tab.
Step 3Click Advanced Configuration on the webpage.
Step 4

Click "Enable" button to activate "Anti-tamper Hardening" option in "System Hardening" category.

A spinner appears when KIOSK is doing the secure enhancements on the system.

Step 5

Then click RESTART button for the changes to take effect.

And click OK to confirm, your KIOSK will restart.

Step 6Click "Apply"

Detail benefits when enabling “Anti-tamper hardening option” in MD Kiosk

When enabling the feature, default Windows input compounds will be blocked and cannot be exploited to escape KIOSK mode. The following default Windows hotkeys/shortcuts will be disabled (besides the ones being mentioned in https://docs.opswat.com/mdkiosk/operating/disabling-windows-hot-keys)

  • Filter keys
  • Sticky keys
  • Toggle keys
  • Mouse keys
  • High Contrast shortcut
  • Ctrl - Shift - Esc
  • Other Winkey compounds
  • Edge Swipe, Cortana, On-screen keyboard, Magnifier

To exit the KIOSK application, press Alt+S, this is the only method to terminate the KIOSK application.

Active Keyboard Filter

The "Active Keyboard Filter" feature is only available when "Anti-tamper Hardening" is enabled.

Default Configuration: By default, when the "Active Keyboard Filter" option is not enabled, users can utilize most of the Windows key combinations without any restrictions.

Enabling "Active Keyboard Filter": Upon enabling the "Active Keyboard Filter," KIOSK will block the majority of keys/key combinations on Windows to enhance system security. KIOSK will only allow the following keys/key combinations to function:

  • Keys from A to Z
  • Keys from 0 to 9
  • Ctrl + C
  • Ctrl + V
  • Alt + S
  • Shift
  • Caps Lock
  • Backspace

This restriction aims to strengthen the system's protection by limiting keyboard inputs to essential and secure commands. Users are encouraged to carefully consider the implications of enabling the "Active Keyboard Filter" option for their specific security requirements.

The Kiosk UI needs to be restarted for this option to take affect.

Support

If you encounter any problems with this guide or if the steps provided do not work, please contact [OPSWAT Support] (https://www.opswat.com/support).

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Enable Windows Defender within Kiosk
On This Page
Anti-tamper Hardening OptionPurposeSolutionDetail benefits when enabling “Anti-tamper hardening option” in MD KioskActive Keyboard Filter