BitNinja Daily Routine - How to eliminate hackers on your servers completely?
George Egri

BitNinja Daily Routine - How to eliminate hackers on your servers completely?

We have collected the best practices of the most successful BitNinja customers. Would you like to completely eliminate hackers on your servers? Follow this guideline to achieve the most with BitNinja and stop all hackers. The initial steps When you first install BitNinja on your server, the best you can do is to enable all modules. All the beta modules are used in many production servers, it is safe in most of the cases to simply enable them all. If you have considerations about enabling all the modules, then here is a list of minimal modules to enable: IP reputation DoS detectio...
Read more
Web Application Firewalls: Choosing the Right WAF for Server Security
Anita Batari

Web Application Firewalls: Choosing the Right WAF for Server Security

Web applications pose a significant security risk to servers, and having a web application firewall (WAF) in place is vital to keeping your servers and your business running smoothly. The average web server faces thousands of attacks on a daily basis. There are a number of web application firewalls available to protect your server, and having the right security in place can mean the difference between just another “day at the office” and a dozen “sleepless nights” trying to maintain your servers’ uptime. Let’s take a look at why having a WAF is so important, how it works, and the op...
Read more
Meltdown and Spectre attacks
Eniko Toth

Meltdown and Spectre attacks

A new class of side-channel attacks have been appeared, which exploit the following CPU vulnerabilities: CVE-2017-5715 : branch target injection CVE-2017-5753 : bounds check bypass CVE-2017-5754 : rogue data cache load Meltdown and Spectre rely on them and allow the hackers to read the memory content of other programs, it means they can access the stored sensitive data like passwords, photos, emails, secret documents, etc. The original coordinated disclosure date of this issue was planned for January 9, but the issue became public 6 days earlier....
Read more
Software-defined storage pool
Daniel Mecsei

Software-defined storage pool

At Virtualization Day 2017 in Budapest, Hungary, we saw pretty good presentations about a different type of virtualizations and architecture concepts. In forenoon, Gergely Rab from Dell have shown us some very useful tools and solutions for software-defined storage architecture. One of these products is ScaleIO, which utilizes standard x86 servers and Ethernet network. In a standard lifecycle, you firstly plan and deploy your new array, then expand and optimize the storage. When the array comes to the end of its life, the process begins again, and you’ll also have to migrate your data...
Read more
Unix vs. Linux systems
Mariann Csorba

Unix vs. Linux systems

Mariann Csorba
Before the expansion of Windows Operational Systems and the creation of the Linux, the world was ruled by UNIX systems. The UNIX was used predominantly in the 1980’s. Despite of its positive traits it was mainly used by research centers, institutes and school’s operational system. It can be thanked partly to its price, and also to the fact that originally it wasn’t designed for domestical usage but for big computers. The UNIX was a closed-source system and with the exception of some institutes, noone could get access to it.   It’s history When the UNIX was only well-known in...
Read more
Pi-Ninja-Security for RaspberryPi
Nikoletta Szabo

Pi-Ninja-Security for RaspberryPi

Nikoletta Szabo
The real geek escaped from one Ninjastic developer of ours lately, and in his freetime he decided to try to install BitNinja on his Raspberry Pi 2 model B. And guess what happened? He was successful! What is more, BitNinja also captured some attacks with its port honeypot module. Now, let me describe you the process of the installation and what he exactly found. So the tool is Raspberry Pi 2 model B, and he uses Linux: Raspbian GNU/Linux 8 on it.   The process: Bitninja is not available for arm architecture, so he was not able to install it from the Bitninja debian reposit...
Read more
BitNinja overcomes CVE-2016-5696 vulnerability
Nikoletta Szabo

BitNinja overcomes CVE-2016-5696 vulnerability

Nikoletta Szabo
CVE-2016-5696 Linux Kernel vulnerability has been recognized two weeks ago by some watchful researchers , who immediately informed the world of the Internet about the potential dangers waiting for them. This vulnerability can be exploited by an attack called with the umbrella term: “man in the middle attack” and is mainly conducted by off-path hackers. RedHat and many other companies informed their clients about the new foundings and described the issue the following way: ” Researchers have discovered a flaw in the Linux kernel’s TCP/IP networking subsystem implementation of...
Read more

How to monitor your server load?

Daniel Mecsei
What is the average load in Linux? The load is a measure of the amount of computational work that a computer system performs. The Linux generates a metric of three average load numbers in the kernel which the user can easily query by running the uptime command. The three values of load average refer to the past one, five, and fifteen minutes of system operation. Each process using or waiting for CPU increments the load number by 1, however, Linux also includes processes in uninterruptible sleep states (waiting for I/O activity). For example, if you have an eight-core CPU, and the l...
Read more