Malware Detection - Set up, schedule, catch and quarantine with BitNinja
BitNinja Security Starting Point - A Short Educational Program
Here at BitNinja we think that cyber security should be simple. So, we’ve designed BitNinja to make your life easier. We’ve built features and capabilities that can greatly simplify your work.
Here is a short guide to our product with tips and helpful hints. These educational articles should help you properly utilise BitNinja's features to grow your company while having a clear understanding of how it works!
Malware is the short version of the word “Malware Software”. It’s generally intended to cause damage, harm, track data or give remote access to hackers. They are a real headache, which is why BitNinja can help you here.
What is Malware Detection and what is it for?
One way that cybercriminals can access a server is by using a backdoor. Backdoors are typically installed as malware, and it’s essential to block and remove the infected malware file as soon as possible.
💎 Structure Analysis The latest threat to server security is obfuscated malware. Traditional malware detection can’t find these infected files. That’s why we analyze the structure of the code, which helps us eliminate more sophisticated malware.
The scan will identify various malwares and backdoors that are spying on you and your customers.
The tool we are using (inotify-tools or auditd) is looking for any file changes, so whenever an attacker targets your website using malware files the BitNinja MalwareDetection module will be there waiting to catch that. You can also trust us with root cause analysis: our Defense Robot finds the backdoor and the attacking IP, block the attack and prevent any further infections on the server.
Setting up and scheduling your Malware Scans
BitNinja automatically checks for file-changes, but you may also do Manual Scans from CLI or the Dashboard. It is also possible to restrict the scan to a custom folder.
For example, running a Malware Scan immediately after you have installed BitNinja on the server is an excellent idea.
You may also schedule Malware scans every week on specific weekdays. Using Cron Jobs you can also do the same more frequently, that is your choice.
Creating a user-level signature
You can create your own user level signatures on the Local Malware Signatures page.This is useful in many ways: you can detect infections that are not catalogued in BitNinja’s database, and if you are being targeted by a specific type of malware, you can fight it head-on. You can also publish malware files on your own servers that you believe are dangerous.
Malware catches and quarantine
On the Anti-Malware Overview page you will see Catches, e.g. the number of incidents that occurred on your account. We offer a lot of flexibility and control Catches. BitNinja cleans critical malware files, but there is an option for getting only reports of malware catches. With our approach, you can see every infection cleaned by BitNinja across your servers.
As every module is customizable, MalwareDetection also comes with some options under the hood.
Max File Size to Watch
Quarantine Mode (Log only or quarantine)
Replace Malware to Honeypot file
Whitelist directories, extensions
Performance settings (CPU/IO Scheduling)
Similar to scans, restoring files from quarantine can be done both from CLI or the Dashboard.
Proactive server protection from a centralized, easy-to-use console. Secure your web servers and customers’ websites against all kinds of cyber threats with our multi-layered security tool
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.