Modules
IP Filter
BitNinja for Windows currently does not support any CDNs such as Cloudflare, BunnyCDN, etc.
This will, of course, change in future releases.
IPv6 Support is currently not available.
BitNinja at this time offers the following options for IP Filter:
- Block list
- Allow list
- Challenge list (over HTTP only; we do block requests over HTTPS, but no Captcha will be shown)
For IP addresses on the Challenge list, we display the same Captcha page as with the Linux version. After the visitor solves the Captcha, they will see a page which says “Reloading” for a brief period (2-5 seconds at most) because delisting takes more time on Windows.
When the Windows agent starts, these lists and their rules are immediately applied.
Anti Malware
Certain folders, e.g. C:/Windows/ and C:/Users/Administrator, are excluded from the scans.
There are exceptions, such as C:/Windows/Temp, that are still scanned.
- AI Scan (currently supports md5 signatures)
- Parallel malware scans (manual and scheduled)
- Windows Defender compatibility (quarantine folder added to excluded folders)
- Minimal Dashboard compatibility.
- The maximum size of the files we scan is 10MB
JSON Config of AntiMalware
{
    "core" : {
        "scan_max_file_size" : "10485760",
        "quarantine" : true,
        "enable_ai_scan" : 1
    },
    "whitelist" : {
        "paths" : [
            "C:\\Users\\Administrator",
            "C:\\Windows"
        ],
        "necessary" : [
            "C:\\Windows\\temp"
        ],
        "extensions" : [
            "MYD",
            "MYI",
            "MAD",
            "MAI",
            "yara",
            "sock"
        ],
        "types" : []
    }
}
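The sketch below is an added example, not BitNinja's own code: it loads the configuration shown above and reports which files a scan would skip, which helps when auditing coverage gaps. The matching rules (the "necessary" list overriding "paths", case-insensitive matching on whole path components, extensions treated as skip rules) and the sample file paths are assumptions made for illustration.

```python
import json
from pathlib import PureWindowsPath

# The configuration from this page, embedded so the example runs offline.
CONFIG = json.loads(r'''{
  "core": {"scan_max_file_size": "10485760", "quarantine": true, "enable_ai_scan": 1},
  "whitelist": {
    "paths": ["C:\\Users\\Administrator", "C:\\Windows"],
    "necessary": ["C:\\Windows\\temp"],
    "extensions": ["MYD", "MYI", "MAD", "MAI", "yara", "sock"],
    "types": []
  }
}''')

def _under(path, root):
    """True if path is root or lies below it (whole components, case-insensitive)."""
    p, r = PureWindowsPath(path), PureWindowsPath(root)
    return p == r or r in p.parents

def scan_decision(path, size, config=CONFIG):
    """Return (scanned, reason) for a file path and its size in bytes.
    Assumed semantics: "necessary" overrides "paths"; extensions match
    case-insensitively; a file of exactly the size limit is still scanned."""
    wl = config["whitelist"]
    excluded = any(_under(path, r) for r in wl["paths"])
    forced = any(_under(path, r) for r in wl["necessary"])
    if excluded and not forced:
        return False, "excluded path"
    ext = PureWindowsPath(path).suffix.lstrip(".").lower()
    if ext in {e.lower() for e in wl["extensions"]}:
        return False, "excluded extension"
    if size > int(config["core"]["scan_max_file_size"]):
        return False, "over size limit"
    return True, "scanned"

# Constructed sample files (path, size in bytes); not taken from a real host.
SAMPLES = [
    (r"C:\Windows\System32\drivers\etc\hosts", 824),
    ("c:/windows/TEMP/dropper.exe", 4096),          # exception folder, mixed case
    (r"C:\WindowsApps\tool.exe", 4096),             # shares a prefix, not a parent
    (r"C:\inetpub\wwwroot\db\table.MYD", 100),
    (r"C:\inetpub\wwwroot\upload.zip", 10485761),   # one byte over the limit
]

if __name__ == "__main__":
    for path, size in SAMPLES:
        print(path, size, scan_decision(path, size))
```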