Fine-tuning the Malware Detection / Scanner module

Inotify user Watches

The Inotify user watches are increased by BitNinja to 30000000. In case you need to increase the value even further, you can use the
echo 35000000 > /proc/sys/fs/inotify/max_user_watches command.

How to configure the Malware Detection/Scanner module:

1. Open the Configuration menu on your BitNinja dashboard.
2. Select the setting level on the left side. (server-level, server group-level, account-level)
3. Select the Malware Detection module from the modules list.

Increase the file size limit for scanning

1. Click on Advanced Settings at the bottom
2. Modify the “Maximum file size when scanning in bytes” parameter
3. Click on the Save button at the top.

Include directories to scan (Malware Detection)

1. In the Malware Detection menu, find the “Monitored paths” parameter
2. Click on “+ Add new” and add the path.
   
3. Then click on the Save button at the top.

Exclude Directories, NOT to scan (Malware Detection)

1. Add the path with the “+ Add new” button under the “Directories” path
2. Also, add the path under the “Inotify settings” with the “+ Add new” button to disable real-time malware detection.
3. Then click on the Save button at the top.

Upload malware source

You can help us improve our malware signatures by enabling an option in your MalwareDetection module’s config. This will allow the BitNinja agent to upload the source codes of any malware that has been detected.
The data will be used by our developers to reduce the false positive rates and to tweak the signatures.

Enable the “Enable malware source upload to Cloud” option, then click on Apply at the top of the screen.