Backdoor & Worm Monitor is the module of ipLegion platform which allows to find out the presence of malware in the local network devices.
“Malware” means any code that may be a threat for data integrity and privacy, such as worm, browser hijackers, spyware, dialers and trojans.
The combination of Backdoor & Worm Monitor modules in the ipLegion platform allows to provide quickly and without delay a global view about security state of that network.

 

IpLegion Backdoor & Worm Monitor: the Examination

The module uses different types of analyses to perform the examination:
1. Register analysis (for Microsoft® Windows® systems). The module gets connected to the remote system directly or through domain and analyzes its register. Analyses are planned to lower the impact on network traffic.
2. Ports scanning. The module controls the remote systems searching for open ports caused by backdoors.
3. Communication with backdoors. It is also possible to have a bare communication with the most common backdoors to be sure of their presence.

IpLegion Backdoor & Worm Monitor: Examination Results

• Ip addresses of analyzed hosts
• detailed log of analysis (from NetBIOS, FTP, SMTP, ...)
• full details about identified malware
• references to vendors, official advisories and to instructions in solving the problem

IpLegion Backdoor & Worm Monitor: Features

• analysis on Ip groups of the same domain
• possibility to choose between backdoor or worm/spyware identification
• quick analysis and examination
• parallel performance of analysis on different systems
• real time check of ongoing analyses
• history of completed analyses