Release note on BitNinja 1.9.2

Boglarka Angalet

Happy Holidays everyone! Most of us are tuned for Christmas time already, but ninjas don’t know free days, as hackers are just getting in their element in the busiest days of the year.

So we haven’t wated our time in the last few weeks, but developed some new features and useful things for you. Grab the latest version of BitNinja (1.9.2) and enjoy the hacker-free holidays!

Brand new documentation site

First of all, an old deficiency was eliminated lately. We released our new documentation site which contains more information about the mechanism behind BitNinja. IP reputation methods, modules and CLI are also presented there. Please feel free to comment on it. Every feedback is appreciated. We want it to be the best source for IT pros to get basic informations about BitNinja’s role in server security.

ISPmanager plugin

Ninjas are so happy to have more and more plugins for different platforms, so we can make the usage of BitNinja easier for you.

Our latest cooperation with ISPsystem ended up in a very comfortable and useful plugin. You can follow these steps to easily install BitNinja to ISPmanager:

wget -qO- | tar -zx && ./ispmgr-plugin/install --license_key=THE_LICENSE_KEY

Or without license key:

wget -qO- | tar -zx && ./ispmgr-plugin/install

Important bugfixes

We also released some important bugfixes with the latest versions.

First of all, thank you to all for testing the beta WAF module with us. You help a lot in improving and developing one of our most awaited features. After the first weeks of testing, it handles systems with multiple IPs without any fail and also new rules were built in the firewall.

If you haven’t tested out yet, feel free to enable it anytime.

Next steps

In the upcoming weeks, we are planning to release our SMTP captcha module that will help preventing spam attempts and catch the attackers before reaching their goals. It is being tested now and we see very-very promising results so far.

We are also working on a proxy filter feature for the WAF. It will make the greylisting method more effective when somebody tries to use known proxy servers to hide its identity.

And the third upcoming thing is the Port mine (honeypot) module which will make the users able to set up honeypots for optional ports and catch port scanning attempts.

Share your ideas with us about this article

Previous posts

BitNinja WAF Beta
Our Ninja Lab is always full of fantastic ideas and improvements. Sometimes it’s an easy ride to develop a terrific feature, sometimes it takes longer to find the right recipe. Yes, you guessed well, we are talking about the web application firewall module. But thanks to our enthusiastic users’ contribution in development and to our ’never givin’ up’ kind of tech ninjas, WAF Beta is available now for BitNinja 1.8.   Web Application Firewall: a holy grail feature Generally speaking, web application firewalls monitor, filter and block incoming and outgoing traffic on HTTP protoc...
Abdullkarem attack – a hack against sysadmins’ bad practice
Mystery is on the horizon, ladies and gentlemen! And we always get excited about unappreciated server attacks. Just like in case of this ‘abdulkarrem’ one. Come, put on the role of Sherlock Holmes with us. Recently, there is a very frequent attack type. More and more sysadmin experience and complain about malicious request like these: GET /wp-includes/css/guide.php?php4&root&upl&wphp4&abdullkarem&GET /wp-includes/css/log.php?php4&root&upl&wphp4&abdullkarem&45GET /wp-admin/includes/iindex.php?php4&root&upl&wphp4&abdullkarem&450799&wp&GET /wp-includes/iindex.php?php4&root&upl&...