bitninja (3.7.8) stable; urgency=low
- Added .discord.com to the reverse DNS whitelist.
- Fixed an issue regarding the LiteSpeed config parsing where config files were not parsed correctly in the case of Enhance.
-- bitninja.IO team <packaging@bitninja.io> Wed, 21 Sept 2023 15:06 +0100
bitninja (3.7.7) stable; urgency=low
- Fixed an issue regarding the AI Scan where there were cases when empty files were uploaded for scan.
- Fixed an issue where the Config Parser module did not parse the LiteSpeed configurations properly in the case of the Enhance Control Panel which caused invalid SSL Certificate errors.
- Reintroduced the certMapping feature. From now on it can be used while the Cloud Config is enabled.
The feature is not yet available through Cloud Config.
- Cert mapping can be set in the /etc/bitninja/SslTerminating/certMappings.json manually as well as with the two new commands that have been added to the SslTerminating module.
bitninjacli --module=SslTerminating --add-cert --domain=<domain> --certFile=<certFile> --keyFile=<keyFile> | optional --chainFile=<chainFile>
bitninjacli --module=SslTerminating --del-cert --domain=<domain>
After modifying the cert mapping (even after using the add-cert and del-cert commands) a force-recollect will be needed.
Known Issues:
The certMapping feature does not support wildcard domains (*.example.com) for now.
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Sept 2023 14:12 +0100
bitninja (3.7.6) stable; urgency=high
- Fixed Captcha showing server's IP address in certain server environments.
-- bitninja.IO team <packaging@bitninja.io> Fri, 01 Sept 2023 20:44 +0100
bitninja (3.7.5) stable; urgency=low
- Fixed an issue regarding the module restart command which caused the module to stop and not start it back.
- Fixed the issue which caused the DirectAdmin plugin not to install.
- Added exclusion for Docker IPs during private IP auto-configuration.
- Added a configuration option to the IPFilter module (enableIpsetMode ) for turning CSF into IPSet mode during integration. This option is ON by default.
- The csf config location can also be set with a new config option called csf.conf. By default it is set to the default csf config path: /etc/csf/csf.conf.
-- bitninja.IO team <packaging@bitninja.io> Thu, 31 Aug 2023 10:47 +0100
bitninja (3.7.4) stable; urgency=low
- Fixed an issue where delisting blocklisted IPs did not work.
- Fixed an issue regarding the Shogun where it was crashing when there were many incidents.
- Fixed an issue where the Shogun could not keep up with incidents from Malware Detection.
- Fixed an issue where Malware Detection could not add a signature and caused errors.
- Added a new command to the Malware Detection remove-cache which adds the ability to remove a file or directory from the filesystem cache.
Usage: bitninjacli --module=MalwareDetection --remove-cache=<path> --file | --dir
-- bitninja.IO team <packaging@bitninja.io> Wed, 23 Aug 2023 15:02 +0100
bitninja (3.7.3) stable; urgency=low
- Our service ports now automatically opened in UFW if it is enabled on the server.
- Private IP ranges are now automatically added to the Trusted Proxy.
- Private IPs are now auto-configured for WAF.
- Fixed an issue where the WAFHoneypot could not turn off properly because the honeypot files were not removed.
- Fixed an issue that caused redirect loops with WordPress sites behind Cloudflare.
- Fixed an issue regarding the disappearing WAF and Trusted Proxy redirections.
- Fixed an issue that caused changes to the WAF redirection mode not to apply immediately.
-- bitninja.IO team <packaging@bitninja.io> Wed, 16 Aug 2023 09:36:44 +0100
bitninja (3.7.2) stable; urgency=low
- Fixed an issue regarding the first startup sync to the cloud-config.
- Fixed a Config Parser issue where the SSL certification was set in the main nginx configuration.
- Fixed an issue that prevented the IpFilter module to apply changes to allowed ports when set from Cloud Config
- Fixed an issue that prevented the SslTerminating module to apply Cloud Config changes to the HAProxy configs.
-- bitninja.IO team <packaging@bitninja.io> Wed, 09 Aug 2023 14:22:22 +0100
bitninja (3.7.1) stable; urgency=low
- Extended the filesystem cache cleaning mechanism, ensuring the database size is kept within limits.
- The filesystem cache is now re-enabled if the size is below the filesystem cache size limit.
- Fixed an issue regarding the filesystem cache when the database file was not found.
- Fixed an issue regarding the WAF when HEAD requests were hanging. (Also solves the Enhance file management issues.)
- Added .wordpress.org to the reverse DNS whitelist.
-- bitninja.IO team <packaging@bitninja.io> Wed, 02 Aug 2023 09:30:22 +0100
bitninja (3.7.0) stable; urgency=low
- Added a config option called cpuUsageLimit in the System module, under the resources section.
* This option can limit the agent’s overall CPU usage in percentage.
- Fixed an issue regarding the crash report uploading.
- Fixed an issue regarding the SslTerminating cert mining when no certs were found.
- The Nginx process and its configuration are now reloaded in case of Cloud Config changes.
- Startup error logs are now more verbose instead of "Failed to access the API server" log
-- bitninja.IO team <packaging@bitninja.io> Mon, 19 Jul 2023 14:53:23 +0100
bitninja (3.6.3) stable; urgency=low
- Removed HTTP fallback from the agent.
-- bitninja.IO team <packaging@bitninja.io> Mon, 10 Jul 2023 12:53:39 +0100
bitninja (3.6.2) stable; urgency=low
- Fixed the issue where users could not delist themselves if there were more than 1 IP addresses present in the X-Forwarded-For header.
- Fixed the issue where sometimes the file sizes were not saved properly in the filesystem cache during the AI scan.
- The CaptchaHttp page should now properly show the client IP.
- Added worker_connections as a config option to the WAFManager module which sets the worker_connections config option for Nginx.
* If this option has already been overridden in the local Nginx configs,
the agent will automatically migrate it to the WAFManager config.
-- bitninja.IO team <packaging@bitninja.io> Tue, 4 Jul 2023 14:20:10 +0100
bitninja (3.6.1) stable; urgency=low
- Fixed an issue regarding the Malware Detection scans which
caused the scans to start multiple times with AI scan.
-- bitninja.IO team <packaging@bitninja.io> Thu, 29 Jun 2023 14:25:10 +0100
bitninja (3.6.0) stable; urgency=low
- MalwareDetection
* Added the AI scan feature. Can be enabled via the enable_ai_scan option in the config.
Disabled by default.
* Fixed a bug which caused AuditD to find files but the agent did not quarantine them.
- ProxyFilter
* Fixed the bug which caused some firewall rules to get duplicated.
-- bitninja.IO team <packaging@bitninja.io> Wed, 28 Jun 2023 15:22:10 +0100
bitninja (3.5.4) stable; urgency=low
* Fixed the issue which caused user level trusted proxies to get ignored by the WAF.
* Fixed the issue which prevented blocking and challenging IPs coming from user level trusted proxies.
* The MalwareDetection module now shows if scans are running in its process title.
* Added CLI command for force recollect: bitninjacli --module=SslTerminating --force-recollect.
-- bitninja.IO team <packaging@bitninja.io> Tue, 20 Jun 2023 13:28:56 +0100
bitninja (3.5.3) stable; urgency=low
* General
- Added a CLI switch to the DataProvider module called
send-diagnostics which sends performance related diagnostics to the cloud.
- Enhance control panel is now detected correctly on secondary servers in the cluster.
- Fixed some configuration issues related to logging.
* MalwareDetection
- PostDetection scripts now receive the state and list of the signature which triggered them.
-- bitninja.IO team <packaging@bitninja.io> Wed, 14 Jun 2023 11:43:56 +0100
bitninja (3.5.2) stable; urgency=low
* MalwareDetection
-Fixed an issue which caused scans to scan excluded directories during a full scan.
- The honeypotify config option works properly now.
- Fixed an issue which caused the file system monitor to start when
the module reloads even though the module is disabled.
* WAF
- Updated Nginx from 1.15.6 to 1.23.3.
* IPFilter
- Fixed an issue regarding the IP set hierarchy, where the user-level
blocklist was stronger than the global whitelist.
-- bitninja.IO team <packaging@bitninja.io> Wed, 07 Jun 2023 12:50:56 +0100
bitninja (3.5.1) stable; urgency=low
* Reloading the ConfigParser module on an Enhance server caused the module to not parse
configurations properly, this has been fixed.
* Post Detection scripts received the quarantined file path instead of the real file path
if the MalwareDetection module was not in log only mode, this has been fixed.
* Fixed memory issues with the ConfigParser module.
* Fixed a minor issue in SiteProtection
* Hotfixing in Proxyfilter, iptables rules were created more than once
-- bitninja.IO team <packaging@bitninja.io> Tue, 31 May 2023 16:21:56 +0100
bitninja (3.5.0) stable; urgency=low
- IpFilter
* Fixed firewall related issues when CSF is present on the server.
* Reworked CSF integration.
- ProxyFilter
* The --status command now reports the status of the redirections.
* If redirection creation fails, the module retries multiple times.
* Added health check which runs every 5 minutes.
This includes checking the redirections. They are recreated if missing.
* Health check logs the status of the redirections.
* The module can now process commands even during its setup.
- SiteProtection
* Fixed an issue where the login failed on some WordPress sites.
* Added ability to update/reinstall all SiteProtection related plugins.
- MalwareDetection
* Added the --force-clean switch to the scan command. If this is passed to the command,
the module will clean malware even if it is in log only mode.
This option can be passed when called from the API as well.
- SslTerminating
* Added tune.maxrewrite, tune.bufsize and tune.h2.initial-window-size to the Cloud Config.
These settings can be fine-tuned if you encounter any issues with upload speeds.
- General
* Fixed numerous firewall issues which caused the server to be unavailable for a short time.
* Removed the error Could not find executable for command [docker] which was thrown around randomly by all modules.
This did not cause any specific issues but it cluttered the logs.
* Fixed a bug which caused some modules to crash when sending error logs to the API.
* Fixed a bug which caused the agent to revert to HTTP on start and keep using it indefinitely.
-- bitninja.IO team <packaging@bitninja.io> Tue, 25 May 2023 11:48:29 +0100
bitninja (3.4.2) stable; urgency=low
* Added an automatic flow that renews Debian gpg keys.
* Added /etc/cxs to the MalwareDetection path whitelist.
* Fixed a minor bug regarding CloudConfig.
-- bitninja.IO team <packaging@bitninja.io> Tue, 17 May 2023 18:19:27 +0100
bitninja (3.4.1) stable; urgency=low
* Moved SendMalwareScanStatus command to MalwareDetection
-- bitninja.IO team <packaging@bitninja.io> Tue, 16 May 2023 12:39:45 +0100
bitninja (3.4.0) stable; urgency=low
* Implemented the Cloud Config feature.
- The agent now fetches its configuration from the cloud. This configuration can be modified via the dashboard.
- Updated & migrated various entries in the local configurations. This is done automatically on every server,
there is no need to do anything with it.
- The --reload command now works with every module properly.
- Switching a module on/off locally via the CLI now updates the module’s state in the cloud as well.
-- bitninja.IO team <packaging@bitninja.io> Tue, 16 May 2023 12:39:44 +0100
bitninja (3.3.1) stable; urgency=low
* Malware scans get throttled instead of pausing them when the load is high.
This way, the scan will still finish if the server load is high.
* Calling the CheckIp command now writes the result to the agent logs.
* Added RockyLinux to known operating systems.
* Fixed a startup issue in the WAF module when Nginx worker processes were stuck and the module could not start.
* The WAF module will no longer wait for the WAF tester to complete.
-- bitninja.IO team <packaging@bitninja.io> Wed, 26 Apr 2023 10:23:36 +0100
bitninja (3.3.0) stable; urgency=low
* The ConfigParser module can now handle the Enhance Control Panel.
- WAF module, Captcha modules, and TrustedProxy modules are now functional with Enhance CP.
- Limitations:
- The log analysis, the DefenseRobot, and the Port Honeypot are not fully functional yet
- OpenLiteSpeed is not supported yet.
* LiteSpeed config parsing is improved significantly.
-- bitninja.IO team <packaging@bitninja.io> Wed, 26 Apr 2023 10:23:36 +0100
bitninja (3.2.10) stable; urgency=low
* Fixed redirections and other firewall rules sometimes missing during startup.
* Communication is no longer switched to HTTP randomly, only when needed.
- If fallback happens, the agent tries to recover socket communication as soon as possible.
* Fixed the issue where some commands got lost.
* Fixed an issue which caused the AntiFlood module to be unavailable through the CLI.
0
-- bitninja.IO team <packaging@bitninja.io> Wed, 19 Apr 2023 09:17:38 +0100
bitninja (3.2.9) stable; urgency=low
* Local configurations are synced with the API automatically (CloudConfig).
-- bitninja.IO team <packaging@bitninja.io> Mon, 17 Apr 2023 16:49:20 +0100
bitninja (3.2.8) stable; urgency=low
* Roll back to version 3.2.25
-- bitninja.IO team <packaging@bitninja.io> Fry, 14 Apr 2023 03:57:21 +0100
bitninja (3.2.7) stable; urgency=low
* Fixed an issue when the SpamDetection module did not load the whitelisted file list correctly.
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Apr 2023 18:22:33 +0100
bitninja (3.2.6) stable; urgency=low
* Fixed redirections and other firewall rules sometimes missing during startup.
* Communication is no longer switched to HTTP randomly, only when needed.
- If fallback happens, the agent tries to recover socket communication as soon as possible.
* Fixed the issue where some commands got lost.
* Local configurations are synced with the API automatically (CloudConfig)
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Apr 2023 18:22:33 +0100
bitninja (3.2.5) stable; urgency=low
* Fixed the proxy_read_timeout migration in WAF to avoid variable duplication
* Added new rules to the SenseLog module:
- Rule against known spambots
- Rule against web requests for scripts
-- bitninja.IO team <packaging@bitninja.io> Wed, 05 Apr 2023 15:43:10 +0100
bitninja (3.2.4) stable; urgency=low
- Fixed numerous errors related to messaging.
- The message queue and the Dispatcher should be properly restarted now if they are not running.
- Fixed a bug where the SiteProtection did not get the WordPress path correctly.
- Fixed a bug where the SiteProtection WordPress plugin could not be uninstalled correctly.
- Added more whitelisted files to the SpamProtection config.
-- bitninja.IO team <packaging@bitninja.io> Wed, 29 Marc 2023 11:37:10 +0100
bitninja (3.2.3) stable; urgency=low
* MalwareDetection
- Added a command to create a validating signature from a file (can be called from the API),
name: CreateValidatingSignatureFromFileCommand. Accepts a single argument, which is the file path.
* SslTerminating
- Added tune.maxrewrite, tune.bufsize and tune.h2.initial-window-size to the config in the
haproxyGlobalSettings section. These settings can be fine-tuned if you encounter any issues with upload speeds.
* IpFilter
- Added a CLI command to test an IP against the ipsets for convenience: bitninjacli --checkip=<ip>
-- bitninja.IO team <packaging@bitninja.io> Thu, 16 Marc 2023 16:38:23 +0100
bitninja (3.2.2) stable; urgency=low
* Bug in the messaging system config management while using remote config is fixed
-- bitninja.IO team <packaging@bitninja.io> Wed, 08 Marc 2023 18:37:08 +0100
bitninja (3.2.1) stable; urgency=low
* There was a bug in SpamDetection that did not always set the whitelists.
-- bitninja.IO team <packaging@bitninja.io> Thu, 02 Marc 2023 17:15:08 +0100
bitninja (3.2.0) stable; urgency=low
* MalwareDetection module
- Added a new signature type: md5-clean.
- md5-clean signatures will clean malware efficiently during scan phase 1
- Currently, user-level md5-clean signatures only
- real-time malware detection can be disabled with the enable_active_scan option
- The create_signatures_during_phase2 option enables the agent to create
md5 and md5-clean signatures during the phase 2 scan
- By default, the option is disabled
- Added support for inotify versions newer than 3.14
* A proxy_read_timeout option is now added to the WAFMananger module.
This is a timeout threshold in the Nginx proxy
- If the option was overridden initially in the local Nginx configs
then the agent migrates the overridden value to this option
* Added whitelist to SpamDetection for sender scripts
- There is an option to add scripts by path or by file name
- Whitelisted files will not be flagged as sender scripts
* bitninja dispatcher 1.0.1
- now can restore API connection if it fails
- logs are now moved under the /var/log/bitninja-dispatcher/ directory
- log rotation is separate. It depends on the log size
- The current log is always indicated by current.log.
-- bitninja.IO team <packaging@bitninja.io> Thu, 02 Marc 2023 16:15:08 +0100
bitninja (3.1.1) stable; urgency=low
* The --create-signature CLI command sometimes did not work, this has been fixed.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 Feb 2023 16:06:36 +0100
bitninja (3.1.0) stable; urgency=low
* Reworked cert watching in the SslTerminating module.
- This should fix most cert detection issues
* Increased default timeout in HAProxy to 5 minutes.
* Added config option for manual cert mapping.
* HAProxy should no longer crash if we pick up bad certificates.
- logs will indicate if a certificate is bad.
* SiteProtection extensions are now properly installed for every web server on the users' server.
* Added ability to toggle Malware Source Sending remotely.
* Reworked config parsing.
- Include directives under virtual hosts are properly handled.
- Added support for LiteSpeed XML.
* Fixed some crashes in the SpamDetection module.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 Feb 2023 11:55:49 +0100
bitninja (3.0.1) stable; urgency=low
* Messaging error fixed that caused the Shogun module to sometimes crash upon an incident
-- bitninja.IO team <packaging@bitninja.io> Thu, 16 Feb 2023 08:55:19 +0100
bitninja (3.0.0) stable; urgency=low
* IPC communication has been changed to a Message Queue.
- Highly improved communication speed between the agent and the API
- Commands from the dashboard are recieved in real-time
* The following Linux distributions won't get this and following updates
as they are no longer supported:
(BitNinja will still work on them)
- RedHat 6
- CentOS 6.x
- CloudLinux 6.x
- Debian 6-7
- Ubuntu 14-15
-- bitninja.IO team <packaging@bitninja.io> Wed, 15 Feb 2023 09:50:59 +0100
bitninja (2.39.1) stable; urgency=low
* more frequent load monitoring
- for future optimizations to resource usage.
* Module crashed fixed where query from sender script failed
-- bitninja.IO team <packaging@bitninja.io> Wed, 08 Feb 2023 13:32:50 +0100
bitninja (2.39.0) stable; urgency=low
* Added a new (alpha) module called SpamDetection,
- collects data about outbound SMTP traffic.
- By default, it is turned off.
-- bitninja.IO team <packaging@bitninja.io> Thu, 02 Feb 2023 11:00:22 +0100
bitninja (2.38.9) stable; urgency=low
* bug fix for plesk360 integration
-- bitninja.IO team <packaging@bitninja.io> Thu, 27 Jan 2023 11:14:44 +0100
bitninja (2.38.8) stable; urgency=low
* Refined the sending of malware samples and
it was moved from the MalwareScanner module to MalwareDetection.
- It’s still disabled by default. Config option: upload_malware_source
under the core section.
* Added a new CLI command: bitninjacli --stats [--minify] which displays
some general statistics about BitNinja on the server
it can be used to integrate with monitoring solutions.
-- bitninja.IO team <packaging@bitninja.io> Thu, 26 Jan 2023 14:08:56 +0100
bitninja (2.38.7) stable; urgency=low
* Malware Detection
- Added file content hash based whitelisting
to further reduce false positive malware catches and resource usage.
- During malware scan 2nd phase, it was possible that previously restored
files were caught again, this has been fixed
-- bitninja.IO team <packaging@bitninja.io> Thu, 19 Jan 2023 10:17:13 +0100
bitninja (2.38.6) stable; urgency=low
* MalwareDetection
- Added option to enable/disable YARA in the MalwareDetection module
- Fixed a bug where the agent had to be restarted if
a file had been added to the whitelist via the CLI.
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Jan 2023 13:13:13 +0100
bitninja (2.38.5) stable; urgency=low
* Non blocking execution for post scripts in the MalwareDetection module
* Sometimes, the --create-signature command did not work
if it was executed multiple times in parallel. This has been fixed.
* Added --publish switch to the --create-signature command which can be used
if --non-interactive option is present.
* Added BlogVault service to the rev dns whitelist
-- bitninja.IO team <packaging@bitninja.io> Thu, 08 Dec 2022 13:20:47 +0100
bitninja (2.38.4) stable; urgency=low
* Added scan_niceness variable to the MalwareDetection module
- Throttle file processing
-- bitninja.IO team <packaging@bitninja.io> Thu, 01 Dec 2022 10:28:41 +0100
bitninja (2.38.3) stable; urgency=low
* Fixed a bug which caused the SandboxScanner to start even though it was disabled
-- bitninja.IO team <packaging@bitninja.io> Mon, 28 Nov 2022 17:15:58 +0100
bitninja (2.38.2) stable; urgency=low
* Various optimizations for the SandboxScanner module which reduce resource usage.
* Improved accuracy of the SandboxScanner module.
* YARA catches are now prefixed correctly in file incidents.
* Added interface aliasing toggle to the IPFilter module
-- bitninja.IO team <packaging@bitninja.io> Wed, 23 Nov 2022 09:25:58 +0100
bitninja (2.38.1) stable; urgency=low
* Fixed an issue where in certain edge cases WAF did not greylist offending IP addresses properly.
* Fixed an issue where the web server was unreachable in certain edge cases.
- This fix ensures your users can reach the backend as expected.
* /var/log/messages is now monitored properly.
- This fix ensures our active protection can find necessary logs.
-- bitninja.IO team <packaging@bitninja.io> Tue, 15 Nov 2022 11:56:50 +0100
bitninja (2.38.0) stable; urgency=low
* Scans run in 2 phases: shallow and deep scan.
- Deep scan can be enabled or disabled with the enable_deep_scan config option
in the MalwareDetection module. By default, it is on.
- This allows us to find the most common malware quickly
and estimate the scan progress and status more precisely.
* An unused config option called invalidate_results has been removed to avoid confusion.
-- bitninja.IO team <packaging@bitninja.io> Wed, 26 Oct 2022 14:46:47 +0100
bitninja (2.37.1) stable; urgency=low
* Not all filesytstem cache files were ignored during scans this has been fixed.
* Further improved correlation info detection for FTP uploads in the DefenseRobot.
-- bitninja.IO team <packaging@bitninja.io> Tue, 11 Oct 2022 09.59:47 +0100
bitninja (2.37.0) stable; urgency=low
* YARA rules are now fetched from the cloud.
- This ensures servers always have the latest rules applied to find the latest malware.
* The SQL Scanner module now starts in active mode.
* Fixed an issue where the DefenseRobot could not find correlation info for FTP uploads,
if the FTP daemon logs into /var/log/messages
-- bitninja.IO team <packaging@bitninja.io> Tue, 04 Oct 2022 13:24:03 +0100
bitninja (2.36.1) stable; urgency=low
* The clean_file option has been removed from the MalwareDetection module due to confusion.
* From now on, if quarantine is enabled files will be both cleaned and quarantined.
Otherwise, no cleaning or quarantine movement will take place.
* All of the above now also applies for the SqlScanner module (cleaning option)
* From now on, analog cache files will be ignored by the agent.
- This involves malware detection, YARA analysis, and sandboxing.
* The WAF module now does an external test to check if it works properly.
-- bitninja.IO team <packaging@bitninja.io> Tue, 20 Sep 2022 14:31:03 +0100
bitninja (2.36.0) stable; urgency=low
* Fixed an issue where the server’s IP is shown in the backend logs even with Transparent mode
* Fixed inconsistencies in the WAF status command's output
* Fixed fallback from Transparent to DNAT if any problems were encountered with the Transparent proxy
* Sometimes, validating MD5 catches did not work. This has been fixed.
* GET parameters are now accepted in the URL captcha.
* Implemented the first valid SQL cleaning rules.
-- bitninja.IO team <packaging@bitninja.io> Wed, 07 Sep 2022 13:28:03 +0100
bitninja (2.35.2) stable; urgency=low
* WAF module CPU usage fixed
-- bitninja.IO team <packaging@bitninja.io> Fri, 26 Aug 2022 18:41:19 +0100
bitninja (2.35.1) stable; urgency=low
* Where the WAF module was disabled the module crashed
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Aug 2022 14:44:14 +0100
bitninja (2.35.0) stable; urgency=low
* Removed /usr/*/www from the excluded paths for Malware Detection
* Fixed a bug where in certain edge-cases the Malware Detection module
ignored whitelisted files or patterns due to filesystem cache.
* Fixed a bug where the WAF Manager could not start when the server had more than 160 IP addresses.
* A feature called “Extended analysis“ has been implemented
which will scan files that were deemed safe previously.
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Aug 2022 11:24:49 +0100
bitninja (2.34.0) stable; urgency=low
* Added /var/spool/cron to the MalwareDetection watch list.
* Parallel scans now can not be started on paths where a scan is already running.
* MalwareDetection module filesystem realted carashes fixed
* Added a special detector for cron injector malware.
-- bitninja.IO team <packaging@bitninja.io> Tue, 16 Aug 2022 14:46:48 +0100
bitninja (2.33.0) stable; urgency=low
* The SQLScanner module now starts a full database scan automatically when enabled
* Added help text to SQLScanner CLI commands
* Added JavaScript Sandbox to SandboxScanner
* JavaScript files added to the filesystem cache
* Removed two (unused) configuration options from the MalwareDetection module:
- manual_scan_only_save_php
- only_save_php
-- bitninja.IO team <packaging@bitninja.io> Tue, 02 Aug 2022 13:30:07 +0100
bitninja (2.32.2) stable; urgency=low
* False catches by some SA-SNIPPET signatures during cache cleaning were fixed.
* Fixed some SSL related issues when ServerAliases are used in Apache.
* The size of the filesystem cache in the MalwareDetection module can be limited now:
- filesystem_cache_size_limit variable
- filesystem_cache_threshold_behavior option
* Fixed some conflicts in the user and the default configuration.
-- bitninja.IO team <packaging@bitninja.io> Tue, 19 Jul 2022 13:06:09 +0100
bitninja (2.32.1) stable; urgency=low
* Removed Validating tag from the first batch of YARA rules
-- bitninja.IO team <packaging@bitninja.io> Mon, 11 Jul 2022 13:09:14 +0100
bitninja (2.32.0) stable; urgency=low
* SQLScanner has been reworked:
- Currently, Wordpress and Joomla tables are supported.
- The scanner can clean SQL records
- Catches can be restored via the --restoreSql-signature and --restoreSql commands
- The first restores every catch for the provided signature, while the latter restores a single record.
- Sql scans can be started with the --scanSql command.
- The SQLScanner is in log only mode by default, but can be configured with the quarantine option
* Greatly reduced SandboxScanner false positives.
* Fixed some of the 'Could not clean file' errors with snippets
* Fixed the 'Cannot find executable for command [getenforce]' error in the MalwareDetection module
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 Jul 2022 12:26:58 +0100
bitninja (2.31.4) stable; urgency=low
* YARA catches now have a unique signature id for every rule
- YARA catches can be restored via the restore by signature ID command
* WAFManager status command lists all redirections for every IP and port
* --check-redirections switch added to WAFManager BitninjaCLI options
- lists all the status of the redirections required by the WAF module
- --ip=<IPHere> optional switch can be used to check redirections on specific IP
* Required ports are opened automatically in CSF in case of cPanel
* letsencrypt.org has been added to the reverse DNS whitelist.
-- bitninja.IO team <packaging@bitninja.io> Tue, 21 Jun 2022 15:41:17 +0100
bitninja (2.31.3) stable; urgency=low
* Validating YARA rules will no longer prevent other detectors from running
* Fix YARA rule false positives and bugs
* The number of SA and YARA workers can not be higher than 40, unless specified otherwise in the configuration.
-- bitninja.IO team <packaging@bitninja.io> Tue, 14 Jun 2022 11:53:27 +0100
bitninja (2.31.2) stable; urgency=low
* Send YARA result in FileIncident
-- bitninja.IO team <packaging@bitninja.io> Wed, 01 Jun 2022 15:53:43 +0100
bitninja (2.31.1) stable; urgency=low
* New filter added to the MalwareDetection module for PHP cache files
- PHP cache files are no longer scanned
* The WAFManager status command shows ports correctly
* The SSLTerminating module finds certificates referenced via relative path in vhost config
-- bitninja.IO team <packaging@bitninja.io> Wed, 18 May 2022 11:54:50 +0100
bitninja (2.31.0) stable; urgency=low
* New YARA based malware search engine
- Able to clean and quarantine infected files
- YARA rules are in the validating state to avoid false positives
* HAProxy did not start if IPv6 was disabled on the system, this has been fixed
* Trap mailbox email addresses changed on the captcha page.
-- bitninja.IO team <packaging@bitninja.io> Tue, 10 May 2022 11:33:57 +0100
bitninja (2.30.1) stable; urgency=low
* Empty array handling in WAF improved
- 'no service is running on this port ()' issue is fixed
* new jenkins pipeline
-- bitninja.IO team <packaging@bitninja.io> Thu, 21 Apr 2022 18:17:14 +0100
bitninja (2.30.0) stable; urgency=low
* Malware Detection module scan memory optimization
* Parallel Malware scan option
* Short open tag handling added to Malware Detection module.
* CLI help text updated
* Bug fixed in MalwareDetection where scans paused because of high server load could not be canceled.
-- bitninja.IO team <packaging@bitninja.io> Tue, 12 Apr 2022 11:43:17 +0100
bitninja (2.29.5) stable; urgency=low
* SiteProtection Extensions Updated
- Federated Login added
* TrusdtedProxy Add/Remove IP commands can be sent from the Dashboard
* If the MalwareDetection module is disabled on the dashboard, it will stay disabled after the agent is restarted.
* All requests older than 24 hours will be deleted from /var/lib/bitninja-waf/body/
* On Captcha the Delist button now changes language based on Browser language
* WAF transparent mode fallback fix
- WAF's default starts in transparent mode if the agent is installed via one-liner
-- bitninja.IO team <packaging@bitninja.io> Mon, 04 Apr 2022 12:13:48 +0100
bitninja (2.29.4) stable; urgency=low
* WAF connection logs improved
* /var/lib/mysql excluded from MalwareDetection
* Wordfence Central IP addresses whitelisted via domain
* TrustedProxy Broadcast command added
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Mar 2022 15:08:40 +0100
bitninja (2.29.3) stable; urgency=low
* Domain rate limiting uses fixed window algorithm
* SslTerminating issue was fixed where the remote config was not always picked up
* Issues of 2.29.1 are now fixed
* WAF module will start even if there is no SSL cert detected on the server
- HAProxy module crashes were fixed
* less fails from WAF connection tests
* Non existing and invalid certs will be removed
* HAProxy nbthread count is limited to 64
* The agent can automatically run custom certminers
- In SslTerminating config enable allowCertListFileEdition and disable useConfigParserModule
- Custom cert miner should be placed in /etc/bitninja/SslTerminating/cert_miners/ director
- Cert miner has to be a BASH script and have a .sh extension
- Cert miners will be run when the SslTerminating module starts or reloads.
- The owner of the script has to be ROOT
-- bitninja.IO team <packaging@bitninja.io> Wed, 16 Feb 2022 16:08:38 +0100
bitninja (2.29.2) stable; urgency=low
* Roll back to 2.29.0
-- bitninja.IO team <packaging@bitninja.io> Fri, 11 Feb 2022 07:20:39 +0100
bitninja (2.29.1) stable; urgency=low
* WAF module will start even if there is no SSL cert detected on the server
- HAProxy module crashes were fixed
* less fails from WAF connection tests
* Non existing and invalid certs will be removed
* HAProxy nbthread count is limited to 64
* The agent can automatically run custom certminers
- In SslTerminating config enable allowCertListFileEdition and disable useConfigParserModule
- Custom cert miner should be placed in /etc/bitninja/SslTerminating/cert_miners/ director
- Cert miner has to be a BASH script and have a .sh extension
- Cert miners will be run when the SslTerminating module starts or reloads.
- The owner of the script has to be ROOT
-- bitninja.IO team <packaging@bitninja.io> Thu, 10 Feb 2022 12:42:16 +0100
bitninja (2.29.0) stable; urgency=low
* New variables in SSLTerminating to limit the number of allover number of connections on the domains
- perDomainRateLimit: if 0 then limiting is disabled, limits the number of requests to a domain
- perDomainRateLimitInterval: seconds to reset rate limit counter
-- bitninja.IO team <packaging@bitninja.io> Wed, 02 Feb 2022 16:00:49 +0100
bitninja (2.28.22) stable; urgency=low
* WAF module will use dnat redirection in case of iptables rules are incompatible with transparent mode
* Malware scan error handling improved
* The number of malware workers are configurable
-- bitninja.IO team <packaging@bitninja.io> Tue, 01 Feb 2022 14:18:49 +0100
bitninja (2.28.21) stable; urgency=low
* Scan throtling errors fixed
* Localization issues are fixed for en_US
* Scan performance is improved
* Malware Snippet loging expanded
-- bitninja.IO team <packaging@bitninja.io> Wed, 24 Jan 2022 15:03:56 +0100
bitninja (2.28.20) stable; urgency=low
* Manual scan errors causing the agent to stop are now fixed
-- bitninja.IO team <packaging@bitninja.io> Wed, 19 Jan 2022 17:10:18 +0100
bitninja (2.28.19) stable; urgency=low
* MalwareDetection module's reload also fully reloads Inotify's config it it changed
* 'No parsable content in data' errors in the main log has been fixed
* /etc config files' lists will are now appended to the config
* Crashes in relation to FileNotFoundExceptions are fixed
* Further config and Malware detection optimizations
-- bitninja.IO team <packaging@bitninja.io> Wed, 19 Jan 2022 09:10:18 +0100
bitninja (2.28.18) stable; urgency=low
* The full-restore command in the backup module has been renamed full-restore -> restore
- added --file parameter in case only file needs to be restored
* The missing [DoveCot] section was added to the SenseLog config
-- bitninja.IO team <packaging@bitninja.io> Thu, 10 Jan 2022 13:15:43 +0100
bitninja (2.28.17) stable; urgency=low
* The agent loads the remote config, if metadata is given for the server (/etc/bitninja/server-meta.json).
* The users can now add the location of the PHP binary file to the SiteProtection module
* Special character coding bug is fixed in AuditD file monitor
* New bitninja-waf package 1.2.1
- If the bitninja-waf user is present as non-system user then the installation will fail
-- bitninja.IO team <packaging@bitninja.io> Thu, 05 Jan 2022 13:37:39 +0100
bitninja (2.28.16) stable; urgency=low
* bitninja-config has new parameters
- --serverConfigurationMetadata: JSON value
- --environmentSpecification: JSON value
* SensLog has a rule for Dovecot bruteforce protection
- disabled by default, but it can be enabled
* AuditD compatibility issue is resolved in CentOS 8
* MalwareDetection module does not carsh anymore if the inotify.log file is missing
-- bitninja.IO team <packaging@bitninja.io> Thu, 09 Dec 2021 14:40:18 +0100
bitninja (2.28.15) stable; urgency=low
* BitNinja pid file location changed to standard /var/run/bitninja.pid
- solves possible issues if the agent was not stopped prior to server reboot
* VzLinux Operating system is supported from version 7 and up
* Infected file cleaning unit test implemented
* Malware snippet signatures are downloaded and file index database is scanned for them
- if there is a new signature
- agent is restarted
* File restoration optimized
-- bitninja.IO team <packaging@bitninja.io> Thu, 02 Dec 2021 09:16:41 +0100
bitninja (2.28.14) stable; urgency=low
* Backup feature out of memory issue fixed
* BitNinjaCLI --status-all added to the help text
* Unit tests fixed
-- bitninja.IO team <packaging@bitninja.io> Fri, 19 Nov 2021 10:33:36 +0100
bitninja (2.28.13) stable; urgency=low
* allowedErrorsCount raised to phpcs as phpqa argument
* BitNinja Dojo is now updated to the latest version (2.8.1)
- added libnsl
* All detectors of the MalwareDetection module can be disabled to avoid module crashes
-- bitninja.IO team <packaging@bitninja.io> Mo, 8 Nov 2021 11:38:28 +0100
bitninja (2.28.12) stable; urgency=low
* Log spoofing protection implemented in agent
- e.g.: spoofing failed SSH requests is prevented
-- bitninja.IO team <packaging@bitninja.io> Tu, 26 Oct 2021 10:52:51 +0100
bitninja (2.28.11) stable; urgency=low
* AlmaLinux is fully supported
- Inotfy-wait installation issue on AlmaLinux is fixed
* CSFList unit tests and comments are fixed
* System module's config can be changed permanently, it is now present in /etc/bitninja/
- Added option to keep original permission settings
- Users can add whitelisted domains in the Shogun's config file
* Backup creation hanging issue was fixed
* BitNinja cannot be installed on systems where 'bitninja' and 'bitninja-waf' users already exist
-- bitninja.IO team <packaging@bitninja.io> Tu, 19 Oct 2021 14:44:27 +0100
bitninja (2.28.10) stable; urgency=low
* Fixed a bug in AuditD related to concatenation and file/directory names containing space (MalwareDetection)
* Help in BitNinjaCLI now includes the --restore-signature option
* If enabled Siteprotection's External scanner IP addresses will be allowed in CSF automatically.
- Related: BitNinja CLI command is added to whitelist IP addresses in CSF
- IP addresses used by the feature are added to the Allow and Ignore list of CSF as well
* The MalwareDetection module's file restoration feature now uses the SymLinkAttack protection
* BackUp module is now implemented (under testing)
* Option in the System module's config file to retain default file permissions
- disabled by default
- Changing this option is not permanent, will be reset at next release
-- bitninja.IO team <packaging@bitninja.io> Thu, 28 Sep 2021 12:52:47 +0100
bitninja (2.28.9) stable; urgency=low
* File restoration based on SignatureID now restores non PHP files too
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 Sep 2021 17:19:41 +0100
bitninja (2.28.8) stable; urgency=low
* SQLScanner socket path can be now configured from the config.ini file
* MalwareScanner module's file database maintenance automatism implemented
- If a file is removed from the host filesystem then the file database will follow the change
- The database will be updated at the next scan of the directory
* Filepath is now fixed in the logconverter of AuditManager
* Malware scan is now scanning more files
* Restoring files based on SignatureID is now more stable
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 Sep 2021 11:04:23 +0100
bitninja (2.28.7) stable; urgency=low
* Fixes an issue where files with space in their names were not scanned by the MalwareDetection module
* While running the SandboxScanner will trigger the MalwareDetection module to scan the deobfuscated files if the deobfuscation was successful
- If the deobfuscated file is detected as malware then the obfuscated (original file) will be quarantined unless the quarantine option is disabled
* version option is included in the bitninjacli --help command
-- bitninja.IO team <packaging@bitninja.io> Thu, 31 Aug 2021 10:40:36 +0100
bitninja (2.28.5) stable; urgency=low
* Fixes logging issue in error.log caused by MalwareDetection
-- bitninja.IO team <packaging@bitninja.io> Thu, 24 Aug 2021 20:35:17 +0100
bitninja (2.28.4) stable; urgency=low
* Fixes an issue where manual scans would stuck if a MalwareDetection worker was stuck.
-- bitninja.IO team <packaging@bitninja.io> Thu, 24 Aug 2021 15:19:17 +0100
bitninja (2.28.2) stable; urgency=low
* Fixes an issue where manual scans wouldn't run if started from CLI.
-- bitninja.IO team <packaging@bitninja.io> Thu, 05 Aug 2021 18:37:04 +0100
bitninja (2.28.0) stable; urgency=low
* BitNinja Dojo is now updated to the latest version (2.8.0).
- It is now able to use mysqli php extension which is required for a new module.
- Now uses latest packages where available.
* BitNinja now requires BitNinja-Dojo version 2.8.0.
* Added an experimental module named SQL Scanner.
- Accepts every general BitNinja CLI command every other module can accept, such as start, stop, reload, restart, enable, disable
- You can start an SQL scan with a --search argument via BitNinja CLI.
* BitNinja can now use the service bitninja reload command.
* Malware Detection fixes:
- Malware Detection will now send a status when starting or ending a scan.
- Malware Detection will now utilize a readlink request on to be scanned directories.
- Malware Detection now has a new configuration flag that speeds up the scanning process.
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Aug 2021 12:39:05 +0100
bitninja (2.27.0) stable; urgency=low
* Agent starting process has now been secured with HTTP Fuzzing tests.
* Malware Detection now accepts glob patterns:
- Such as: paths[] = '/home*/accesslog/*', exclude[]='/home*/virtfs/*', file_path[] = '/home*/'
* You are now able to modify the quarantine folder's path.
* Malware Detection is now able to send the source code of Malwares to BitNinja Central. Can be enabled in the config file with: upload_malware_source=1
* Malware Detection now resolves symlinks when reading inotify logs.
* Malware Detection is now able to restore a file based off Signature DTO field's value.
* Sandbox Scanner now has two new CLI commands:
- bitninjacli --module=SandboxScanner --analyze-file=/path/to/file
- bitninjacli --analyze-file=/path/to/file
-- bitninja.IO team <packaging@bitninja.io> Wed, 28 Jul 2021 13:39:28 +0100
bitninja (2.26.1) stable; urgency=low
* Fixed an issue where the malware cache would be flushed on CentOs6.
-- bitninja.IO team <packaging@bitninja.io> Tue, 06 Jul 2021 13:19:04 +0100
bitninja (2.26.0) stable; urgency=low
* Defense Robot updates:
- It will now use React, for improved performace.
- The module is now able to collect correlated logs outside of doc-root.
- The Access Log domain filter is now optional.
* Malware Detection updates:
- Added the ability to clean infected files based on SA-Snippets.
- Now detecting for PHP opening tag is case sensitive.
- All of the detectors can be disabled through configuration.
* THIS UPDATE HAVE FLUSHED THE MALWARE CACHE, IT IS ADVISED TO START A FULL SYSTEM SCAN.
* Removed old migration for WAF Module.
-- bitninja.IO team <packaging@bitninja.io> Wed, 30 Jun 2021 14:20:21 +0100
bitninja (2.25.0) stable; urgency=low
* SSLTerminating will not duplicate certificates even if the vhosts are duplicated due to multiple webservers present.
* Numerous CLI Updates
- Case-Insensitive module names.
- Help text for modules and commands.
- Ability to modify runtime config.
* Transparent proxy now checks for conflicts with certain redirections.
* Fixed an issue where empty signatures could be generated.
-- bitninja.IO team <packaging@bitninja.io> Thu, 17 Jun 2021 12:29:33 +0100
bitninja (2.24.3) stable; urgency=low
* Fixed an issue that stopped the agents after the recent update on CentOS 6.
-- bitninja.IO team <packaging@bitninja.io> Tue, 01 Jun 2021 18:08:08 +0100
bitninja (2.24.2) stable; urgency=low
* Added a new alpha module by the name Sandbox Scanner, which will start up with the agent.
* Now upon starting the Agent will check if the PID belongs to BitNinja or not.
* Malware Detection now starts multiple forked instances for better performance and redundancy.
-- bitninja.IO team <packaging@bitninja.io> Tue, 01 Jun 2021 10:41:02 +0100
bitninja (2.23.11) stable; urgency=low
* Fixed an issue with SQLite.
-- bitninja.IO team <packaging@bitninja.io> Wed, 31 Mar 2021 23:30:11 +0100
bitninja (2.23.9) stable; urgency=low
* SiteProtection's Icon has been changed in cPanel.
* You are now able to specify signature type via CLI for Malware Detection.
* If WAF is disabled, you are able to enable it for certain visitor IP addresses for
testing purposes.
- Adding an IP: bitninjacli --module=WAFManager --disable-on-ip=1.2.3.17
- Removing an IP: bitninjacli --module=WAFManager --disable-on-ip=1.2.3.17 --remove
* If the Agent detects it is running in a container, it will require a container license.
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Mar 2021 10:29:06 +0100
bitninja (2.23.8) stable; urgency=low
* Now the Agent is able to detect if it is running in a containerized environment,
and modify environmental variables accordingly.
* Malware Detection will now be able to look for file matches with SA-Snippets.
* Malware Detection is now able to load Global Validating signature database.
* Global and User level signature databases are now divided into separate databases.
* Malware Detection is now able to stop a malware scan via a Scan Key or Scan Type.
* SQLite Database migration now checks for TMP directory size.
-- bitninja.IO team <packaging@bitninja.io> Wed, 17 Mar 2021 14:18:15 +0100
bitninja (2.23.7) stable; urgency=low
*** SAME AS AGENT VERSION 2.23.5 ***
-- bitninja.IO team <packaging@bitninja.io> Tue, 02 Mar 2021 12:17:22 +0100
bitninja (2.23.6) stable; urgency=low
***RECALLED AGENT, UPDATE TO LATER VERSION***
-- bitninja.IO team <packaging@bitninja.io> Mon, 01 Mar 2021 16:41:31 +0100
bitninja (2.23.5) stable; urgency=low
* BitNinja process' memory limit has been increased to 300Mb from 292Mb.
* MalwareDetection's memory limit has been increased to 600Mb, and is now modifiable from it's configuration file.
-- bitninja.IO team <packaging@bitninja.io> Tue, 09 jan 2021 15:52:41 +0100
bitninja (2.23.4) stable; urgency=low
* SymLink protection fix.
* MalwareDetection now checks before cleaning/quarantine if the file was the victim of a SymLink attack.
* MalwareDetection now reduces it's permissions to match file's permissions before deleting.
* AuditD now attempts to write out file system changes in batches.
* BitNinja CLI is able to create MD5 signatures from binary files again.
-- bitninja.IO team <packaging@bitninja.io> Tue, 09 jan 2021 14:46:23 +0100
bitninja (2.23.3) stable; urgency=low
* Shogun Module now checks the RPC messages every minute. If messages were not received during this time, it will attempt to clear the RPC queue.
* Fixed an issue within the loading of Global Malware Signatures.
-- bitninja.IO team <packaging@bitninja.io> Fri, 29 jan 2021 17:32:57 +0100
bitninja (2.23.2) stable; urgency=low
* Minor fixes to Malware Signature creation via CLI
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 jan 2021 18:51:44 +0100
bitninja (2.23.1) stable; urgency=low
* Fixed a bug where Malware Detection would crash upon adding an already existing signature as an interactive one.
* Malware Detection's default file size limit is increased to 10MB.
* CaptchaHTTP's uploaded file size limit is increased to 2MB.
-- bitninja.IO team <packaging@bitninja.io> Mon, 25 jan 2021 15:37:41 +0100
bitninja (2.23.0) stable; urgency=low
* Captcha HTTP is now able to save uploaded files.
- After checking, the files are discarded.
* Captcha HTTP and FTP will automatically generate signatures from the uploaded files.
* The signature is also added to DefenseRobot incident, if the information is available.
* MalwareDetection will now check in a local database for file changes since the last scan.
* MalwareDetection will now check for duplicate entry in local signatures before creating a new signature.
-- bitninja.IO team <packaging@bitninja.io> Wed, 21 jan 2021 15:13:45 +0100
bitninja (2.22.1) stable; urgency=low
* BitNinja CLI is now able to dump SA skeletons of PHP malware files.
* Patcher Module now generates log files.
* Shogun module now caches User Whitelisted IP addresses.
* IPFilter Module now checks every 5 minutes for IPSet V6 availability, and migrates firewall rules if it is available.
* IPFilter Module now can be set to use a specific IPSet Version within the configuration file.
* Config Parser Module now generates more detailed logs.
- Logs how long the report took.
- Logs found Configuration files.
- Logs what Include pattern was used to add a Configuration file.
- Logs what file change initiated the re-scanning of the configuration tree.
-- bitninja.IO team <packaging@bitninja.io> Tue, 12 jan 2021 11:38:17 +0100
bitninja (2.22.0) stable; urgency=low
* New RPC features added to agent
* Experimental Patcher Module added to the agent
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 jan 2021 13:50:43 +0100
bitninja (2.21.0) stable; urgency=low
* IPFilter and System module is now using a new React based asynchronous worker to communicate with our API.
* The system module is now executing commands received from API based on RPC.
* Added a DirectAdmin SiteProtection extension.
* SiteProtection extensions will now get removed once BitNinja is uninstalled.
-- bitninja.IO team <packaging@bitninja.io> Mon, 14 dec 2020 12:16:41 +0100
bitninja (2.20.0) stable; urgency=low
* The agent is now able to receive and respond to RPC requests. BitNinja CLI now can respond to new commands:
- bitninjacli --module=<module_name> --status -> will now give back the status of given module name in a Json format
- bitninjacli --module=MalwareDetection --check-file=/path/to/file -> Will scan a specific file without any action taken. The output contains the following line: ""scanResult": 2,"
- This result should be interpreted as the following: 0 : Not infected ; 1-4 : Infected with malware ; 5 : Error during scan
- bitninjacli --module=MalwareDetection --list-scans -> will now respond with currently running malware scans in a Json format
**** Please note the above commands are subjects to change, so they might not work with future releases ****
-- bitninja.IO team <packaging@bitninja.io> Tue, 24 nov 2020 13:31:32 +0100
bitninja (2.19.4) stable; urgency=low
* Now ScanController can only run in one instance within Malware Detection.
* Malware Scanner now is able to scan folders even if the module is disabled
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 nov 2020 14:56:57 +0100
bitninja (2.19.3) stable; urgency=low
* Fixed an issue where IPv6 address statistics would not carry the IpType.
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 nov 2020 11:07:22 +0100
bitninja (2.19.2) stable; urgency=low
* The Agent now sends network usage statistics from IPv4 and IPv6 traffic every 5 minutes.
* Interface Updates will be sent every hour.
-- bitninja.IO team <packaging@bitninja.io> Tue, 10 nov 2020 16:25:35 +0100
bitninja (2.19.1) stable; urgency=low
* Siteprotection cPanel/Plesk token update if failed for the first time.
* Siteprotection will automatically update it's respective .tar.gz files upon version update for cPanel/Plesk
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 nov 2020 11:06:46 +0100
bitninja (2.19.0) stable; urgency=low
* If Service Detection is able to find a webserver, it will attempt to send domains, and their respective log directories, also applied to web-applications if found.
- This information will later be used in our updated admin panel.
* The Agent is now capable of uploading Firewall Configurations if asked by API.
-- bitninja.IO team <packaging@bitninja.io> Wed, 21 oct 2020 12:10:13 +0100
bitninja (2.18.0) stable; urgency=low
* Changes related to Captcha HTTP
- It is now using React HTTP Server resulting in faster processing.
- It is no longer using the verify.php file.
- It is now able to handle multipart-form.
- It no longer generates mistake-level incidents.
- It is now able to handle custom reCAPTCHA keys.
- It now generates PortHoneypot incident from the contents of an invalid HTTP request.
- Connections now do have a 5 second timeout.
* DosDetection is now able to use SS in case NetStat is unavailable.
* WAFManager will now create the user group bitninja-waf in case it failed to create it before.
* Shogun now caches IP whitelists for a minute.
-- bitninja.IO team <packaging@bitninja.io> Wed, 07 oct 2020 11:53:27 +0100
bitninja (2.17.3-6) stable; urgency=low
* Fixed a crash when creating sqlite DB connection.
* Captcha will now restart itself instead of exiting.
* Updated WAF Module's ability to determine used ports via Service Detector for redirections.
* Fixed minor issues with each minor version update, to ensure stability.
-- bitninja.IO team <packaging@bitninja.io> Tue, 15 sep 2020 13:44:54 +0100
bitninja (2.17.2) stable; urgency=low
* Fixed an issue where HaProxy would add to the value of GPC when a non-grey listed IP connects.
-- bitninja.IO team <packaging@bitninja.io> Thu, 3 sep 2020 12:50:02 +0100
bitninja (2.17.1) stable; urgency=low
* Fixed an issue where Malware Detection Module would not create a log if the module crashes.
-- bitninja.IO team <packaging@bitninja.io> Mon, 31 aug 2020 14:23:42 +0100
bitninja (2.17.0) stable; urgency=low
* Extended timeout limits within HaProxy's configuration.
* HaProxy now attempts to use every thread.
* You can now modify HaProxy's configuration via /etc/bitninja/SslTerminating/config.ini
* ConfigParser now sets up an inotify check for every Apache/NGINX configurations.
* SSL Termination now sets up an inotify check for every collected certification.
* Updated HaProxy's health check.
* TrustedProxy is now able to update white/blacklist while running.
* TrustedProxy now creates re-directions similar to WAF.
* CaptchaHTTP now removes Trusted Proxies' IP when de-listing an address.
-- bitninja.IO team <packaging@bitninja.io> Thu, 27 aug 2020 11:19:25 +0100
bitninja (2.16.0) stable; urgency=low
* Added experimental Malware Scanner changes.
- Malware Scanner's functions were added back to Malware Detection.
- Malware Scanner now forwards requests to Malware Detection, reducing memory usage.
* Malware Detection changes:
- Global md5 and sa-md5 whitelist
- It now scans files in 4,2,1 ratio during active, manual and timed scans.
- Now deletes the old databases.
- Scans can now run Asynchronous.
- Now you can restore files from the CLI the same way you could from our admin panel.
- Added the option to run a Dry Run via CLI for testing purposes.
- Now only uses one database instead of the previous four.
- You can now re-activate a discarded signature.
* The URL Captcha now tries to fetch pre-defined URLs via API when starting.
* Fixed an issue with Transparent Proxy where it would cause errors when used with CloudLinux.
* Trusted Proxy Module can now operate in full Transparent Proxy mode.
* SSL Terminating will now re-generate configurations upon every startup according to config.ini
* SSL Terminating will not set health check for the original web server within HaProxy's configuration
* Agent is now able to upload configurations via API.
-- bitninja.IO team <packaging@bitninja.io> Mon, 03 aug 2020 13:46:42 +0100
bitninja (2.15.0) stable; urgency=low
* Added Plesk Site Protection Extension.
* Added the URL Captcha (beta) for validating human visitors.
* The URL Captcha will now store IP addresses in a separate Sticky Table, which will stay valid for one day.
* The URL Captcha is able to store the real IPs when using Trusted Proxy.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 jul 2020 10:45:51 +0100
bitninja (2.14.1) stable; urgency=low
* Fixed an issue where a test incident would trigger a WAF default action to generate a "log only" report alongside with the original report for every incident.
-- bitninja.IO team <packaging@bitninja.io> Fri, 26 Jun 2020 13:46:09 +0100
bitninja (2.14.0) stable; urgency=low
* Remove BitNinja port numbers from location header if present.
* Fixed three crash issues in SenseLog.
-- bitninja.IO team <packaging@bitninja.io> Thu, 18 Jun 2020 15:08:23 +0100
bitninja (2.13.0) stable; urgency=low
* WAFManager can generate advanced honeypot content and related ModSecurity rules.
bitninjacli --module=WAFManager --generate-honeypots
* DefenseRobot creates malware signature about files found in the correlation logs.
* MalwareDetection checks if signature meta file changed.
* Shogun Incident sending batch size reduced to 30 incindets.
-- bitninja.IO team <packaging@bitninja.io> Wed, 10 Jun 2020 17:37:52 +0100
bitninja (2.12.3) stable; urgency=low
* The incidents contains domains if there are any.
* SiteProtection module can install the cPanel BitNinja extension
* WAF uses HAProxy as frontend in http connections as well
* Agent sets up BN-Client-Port header, which contains the original connections
remote port(s).
* Shogun forwards lookup when reverse whitelisting.
* MalwareDetection destroys its database if corrupted or unreachable.
-- bitninja.IO team <packaging@bitninja.io> Tue, 07 May 2020 16:34:05 +0100
bitninja (2.11.2) stable; urgency=low
* Skip log analysis when the row does not have any SenseLog rule.
-- bitninja.IO team <packaging@bitninja.io> Tue, 28 Apr 2020 14:36:33 +0100
bitninja (2.11.1) stable; urgency=low
* SslTerminating won't cause 503 error, when old SSL cipher is used by the
protected website.
* SslTerminating generate stat page for HAProxy, which is available at
127.0.0.1:61936. Its credentials are stored in
/opt/bitninja-ssl-termination/etc/haproxy/configs/stat_page.cfg. Credentials
are renewed every time since the config is being generated automatically.
-- bitninja.IO team <packaging@bitninja.io> Fri, 24 Apr 2020 18:24:15 +0100
bitninja (2.11.0) stable; urgency=low
* BitNinja Dojo is a dependency from now
* SenseLog uses php-inotify. Performance greatly increased (watching ~5000 logs
CPU usage dropped to 0-1% from 45-50%)
* SenseLog log processing 4x faster
-- bitninja.IO team <packaging@bitninja.io> Mon, 20 Apr 2020 10:09:08 +0100
bitninja (2.10.7) stable; urgency=low
* Agents are able to change their hostname without any issue at BitNinja
* License bugfix
* From now every incident has its own identifier, so they won't disappear
on the dashboard.
-- bitninja.IO team <packaging@bitninja.io> Thu, 16 Apr 2020 12:37:26 +0100
bitninja (2.10.6) stable; urgency=low
* Performance improvement in API communication
* New cli commands: --version and --serverinfo
* HaProxy upgrade to 1.9.13. It supports TLS 1.3, updated cipher.
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Mar 2020 16:22:47 +0100
bitninja (2.10.3) stable; urgency=low
* Fixed Google reCaptcha issue at captcha page
* Agent runs a scan at start with the new signatures
-- bitninja.IO team <packaging@bitninja.io> Tue, 24 Mar 2020 22:17:01 +0100
bitninja (2.10.2) stable; urgency=low
* Agent can now use API to fetch BitNinja malware database
-- bitninja.IO team <packaging@bitninja.io> Tue, 24 Mar 2020 12:33:42 +0100
bitninja (2.10.1) stable; urgency=low
* Fix compatibility issues with old agents when using cli to add new custom
signature.
-- bitninja.IO team <packaging@bitninja.io> Mon, 23 Mar 2020 13:30:15 +0100
bitninja (2.10.0) stable; urgency=low
* Users can add custom signatures via bitninjacli
-- bitninja.IO team <packaging@bitninja.io> Thu, 23 Mar 2020 09:25:58 +0100
bitninja (2.9.2) stable; urgency=low
* Hotfix for agent detection
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Mar 2020 10:05:36 +0100
bitninja (2.9.1) stable; urgency=low
* New agent detection, prepare agents to handle the hostname changes properly
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 Mar 2020 16:33:54 +0100
bitninja (2.9.0) stable; urgency=low
* VPS license support
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 Mar 2020 12:52:16 +0100
bitninja (2.8.4) stable; urgency=low
* Config option to deny BitNinja's port availability. Default: off
(BitNinja's port are discoverable)
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Mar 2020 16:30:02 +0100
bitninja (2.8.3) stable; urgency=low
* config option for PCI compliance
* bitninja-ssl-termination upgrade to 1.2.2 which contains HAProxy update
1.9.13, which contains TLS 1.3
-- bitninja.IO team <packaging@bitninja.io> Fri, 06 Mar 2020 16:47:55 +0100
bitninja (2.8.1) stable; urgency=low
* In CaptchaHttp config.ini users can turn on/off honeypot contents of
captcha page
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Mar 2020 11:12:12 +0100
bitninja (2.8.0) stable; urgency=low
* Control panel and service detector implemented
* CaptchaHttp will show correctly the captcha page in cPanel admin site
when IP is greylisted
* In CaptchaHttp config.ini users can specify ports where their webserver
services are listening/running (eg.: 8080, 8888)
* MalwareDetection Loki and Pony botnet structure-analysis signatures has
been added
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Mar 2020 11:12:37 +0100
bitninja (2.7.0) stable; urgency=low
* Redesigned captcha page
* Drop policy compatible firewall rules (CaptchaHTTP, CaptchaFTP, CaptchaSMTP,
WAF, TrustedProxy, OutboundHoneypot, PortHoneypot)
-- bitninja.IO team <packaging@bitninja.io> Wed, 12 Feb 2020 16:33:01 +0100
bitninja (2.6.9) stable; urgency=low
* Some commonly used ports are now disabled in PortHoneypot
* MalwareDetection database bug upon save has been fixed
-- bitninja.IO team <packaging@bitninja.io> Mon, 27 Jan 2020 12:49:58 +0100
bitninja (2.6.8) stable; urgency=high
* MalwareDetection/Scanner modules will not crash if the internal database
is not available.
* MalwareDetection/Scanner modules updates whitelist on the fly
* TrustedProxy https whitelist issue fixed
* WAFManager socket bind issue fixed
-- bitninja.IO team <packaging@bitninja.io> Tue, 21 Jan 2020 12:26:17 +0100
bitninja (2.6.7) stable; urgency=high
* SenseLog rule 25_1_002 and 25_1_003 (covering exim and dovecot logs)
has been disabled due to causing high false positive catches.
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 Dec 2019 17:53:28 +0100
bitninja (2.6.6) stable; urgency=high
* Revert CaptchaHttp 'x-forwarded-for' header to 'X-FORWARDED-FOR'
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Dec 2019 11:08:57 +0100
bitninja (2.6.5) stable; urgency=high
* Revert bitninja-ssl-termination package
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Dec 2019 11:08:57 +0100
bitninja (2.6.4) stable; urgency=low
* Malware scan progress refresh every 20 seconds
* Fixed MalwareDetection crash
* MalwareScanner and MalwareDetector contains the correct WPVCD detector name
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Dec 2019 20:36:40 +0100
bitninja (2.6.3) stable; urgency=low
* CaptchaHttp 'x-forwarded-for' format changed, because of HAProxy 2.1
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Dec 2019 20:36:40 +0100
bitninja (2.6.2) stable; urgency=low
* New SenseLog rules (mostly for cPanel)
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Dec 2019 20:36:40 +0100
bitninja (2.6.1) stable; urgency=low
* bitninja-ssl-termination package upgrade (1.2.0)
* Upgraded HAProxy 2.1
* Binary name changed from haproxy to bitninja-sslt
* Logs moved to /var/log/bitninja-ssl-termination
* Log rotation changed to 7 days from 52 days
* Fixed HAProxy health check
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Dec 2019 20:36:40 +0100
bitninja (2.6.0) stable; urgency=low
* Outbound honeypot module (beta)
-- bitninja.IO team <packaging@bitninja.io> Thu, 21 Nov 2019 15:08:57 +0100
bitninja (2.5.0) stable; urgency=low
* SiteProtection module
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 Nov 2019 17:37:25 +0100
bitninja (2.4.0) stable; urgency=low
* New malware detection method
* MalwareDetector supports local SQLite database
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Nov 2019 13:13:48 +0100
bitninja (2.3.1) stable; urgency=low
* BitNinja now supports Debian 10 and CentOS 8
* Inotify upgraded by epel repository on CentOS servers
* ProxyFilter downloads user lists as well
-- bitninja.IO team <packaging@bitninja.io> Thu, 07 Nov 2019 15:35:12 +0100
bitninja (2.2.0) stable; urgency=low
* New Goto MalwareDetector has been added.
* MalwareDetector passing user name to post detection scripts as well.
* WAFManager checks if IPv6 is supported, and removes IPv6 bindings if
not needed.
-- bitninja.IO team <packaging@bitninja.io> Thu, 26 Sep 2019 15:14:45 +0100
bitninja (2.1.1) stable; urgency=low
* Revert quarantaine filename creation.
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Sep 2019 18:07:17 +0100
bitninja (2.1.0) stable; urgency=low
* Auditd file system monitor option has been added to MalwareDetection. It can be enabled
in the config.
* AuditManager module has been added. It is able to install BitNinja audisp plugin.
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Sep 2019 16:26:30 +0100
bitninja (2.0.0) stable; urgency=low
* MalwareDetection file greylist, whitelist, blacklist feature has been added.
* Files can be restored from quarantine on the Dashboard.
* WAFManager can create DNAT, TPROXY and full transparent port redirections.
This feature can be enabled in the config.
-- bitninja.IO team <packaging@bitninja.io> Thu, 29 Aug 2019 13:19:14 +0100
bitninja (1.30.6) stable; urgency=low
* MalwareDetection restarts inotify, when inotify output file removed.
-- bitninja.IO team <packaging@bitninja.io> Tue, 30 Jul 2019 13:42:27 +0100
bitninja (1.30.5) stable; urgency=low
* MalwareDetection cleans HexaBotnet injections.
* MalwareDetection improved with WPVCD detector, and it can clean this type
of injection too.
* MalwareDetection creates inotify log file if it was deleted by mistake.
-- bitninja.IO team <packaging@bitninja.io> Mon, 29 Jul 2019 15:51:16 +0100
bitninja (1.30.4) stable; urgency=low
* Update API v2 client to the latest
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Jul 2019 14:29:54 +0100
bitninja (1.30.3) stable; urgency=low
* Update BitNinja Dojo requirements.
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Jul 2019 12:35:08 +0100
bitninja (1.30.2) stable; urgency=low
* TrustedProxy downloads global trusted proxy lists.
* CLI --webhoneypotify option will create a copy of the transformed file
in the quarantaine.
* New API v2 features added in the framework.
* IpFilter's Port Filter feature improved with allowing connections to
blacklisted IPs too.
* IpFilter's Port Filter can allow all outgoing connections to greylisted
or blacklisted IPs.
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Jul 2019 10:18:48 +0100
bitninja (1.30.1) stable; urgency=low
* Fixed IpFilter broken greylisted port filtering feature. It allows
in/outgoing greylisted connection for specific ports.
-- bitninja.IO team <packaging@bitninja.io> Fri, 05 Jul 2019 14:38:22 +0100
bitninja (1.30.0) stable; urgency=low
* MalwareDetection file whitelist feature has been implemented.
* Users can add files to their MalwareDetection whitelist. This information
is shared between servers.
* Application Detector can send information to the new API. This information
will help in generating application specific rulesets.
* MalwareDetection's exclude file list has been improved.
* MalwareDetection can send malware samples for analysis from now on.
-- bitninja.IO team <packaging@bitninja.io> Tue, 02 Jul 2019 18:13:48 +0100
bitninja (1.29.12) stable; urgency=low
* MalwareScanner checks mount points for multiple home directories.
* MalwareScanner skips CageFS mount points from now on.
* Broken WAF start on interface option has been fixed.
-- bitninja.IO team <packaging@bitninja.io> Tue, 25 Jun 2019 19:49:58 +0100
bitninja (1.29.11) stable; urgency=low
* Missing iptables jump rule has been added to iptables filter table.
* ProxyFilter's ipset export method has been improved.
* Experimental application detector has been added which will be used to
lower false positive incidents.
-- bitninja.IO team <packaging@bitninja.io> Fri, 14 Jun 2019 16:08:14 +0100
bitninja (1.29.10) stable; urgency=low
* Fixed SslTerminating module's double certificate issue when using
multiple web servers.
* Fixed SslTerminating module's memory leak issue. The issue occurs in
PHP's openssl functions. These checks are temporarily disabled.
* Fixed Ipset selector's issue when ipset version was falsely identified.
-- bitninja.IO team <packaging@bitninja.io> Wed, 12 Jun 2019 16:16:34 +0100
bitninja (1.29.9) stable; urgency=low
* MalwareScanner cancel CLI option has been added.
* ConfigParser module's ApacheConfigReader has been improved with a
recursive glob pattern matcher.
-- bitninja.IO team <packaging@bitninja.io> Tue, 04 Jun 2019 14:33:55 +0100
bitninja (1.29.8) stable; urgency=low
* MalwareScanner scans can be cancelled from this version.
* Resolution issue has been fixed for the CAPTCHA page on mobile devices.
* SslTerminating module manages certlist file content, if any certificates
have been found.
* DosDetection module can be disabled form CLI and DashBoard.
* DosDetection only creates log level incidents about outgoing DoS events.
-- bitninja.IO team <packaging@bitninja.io> Thu, 30 May 2019 17:23:47 +0100
bitninja (1.29.7) stable; urgency=low
* Inter-process communication limits have been increased to prevent IPC
queue errors.
* Successful CAPTCHA incidents will not remove other incidents about an IP.
* ProxyFilter start up issue has been fixed when port redirection iptables
rules have been created before starting HAProxy.
-- bitninja.IO team <packaging@bitninja.io> Tue, 28 May 2019 17:17:24 +0100
bitninja (1.29.6) stable; urgency=low
* Shogun module keeps a local version of global whitelist in memory, in
case of ipsets were flushed.
* Shogun will not forward successful CAPTCHA incidents to AntiFlood.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 May 2019 17:05:18 +0100
bitninja (1.29.5) stable; urgency=low
* Agent's iptables and ipset loading has been unified.
* Fixed the issue when WAF iptables port redirections were inserted before
the whitelist has been loaded.
* IpFilter has been prepared to support IPv6 sets and Trusted Proxy feature
in every ipset implementaion.
* ProxyFilter can be enabled on the Dashboard.
-- bitninja.IO team <packaging@bitninja.io> Sun, 19 May 2019 15:36:01 +0100
bitninja (1.29.4) stable; urgency=low
* Japanese translation has been added to BIC page.
* Trigger Malware Scanner scan status sending to API after the first saving
of scan status to file.
* DefenseRobot triggers a malware scan on the document root of a web site
when this information is available.
* CloudFlare and OpenDNS DNS servers has been globally whitelisted.
* Raise DosDetection DNS thresholds.
-- bitninja.IO team <packaging@bitninja.io> Thu, 09 May 2019 14:49:34 +0100
bitninja (1.29.3) stable; urgency=low
* Fix SslTerminating HAProxy IPv6 binding issue on old OSs.
-- bitninja.IO team <packaging@bitninja.io> Thu, 02 May 2019 15:05:32 +0100
bitninja (1.29.2) stable; urgency=low
* ProxyFilter can be enabled from CLI and Dashboard.
* ProxyFilter will create new HAProxy configuration which supports
CloudFlare and MaxCDN.
* SslTerminating supports IPv6 addresses.
-- bitninja.IO team <packaging@bitninja.io> Tue, 30 Apr 2019 17:33:11 +0100
bitninja (1.29.1) stable; urgency=low
* Fix undefined scanner issue in MalwareScanner when the module tried to
run scheduled scans.
-- bitninja.IO team <packaging@bitninja.io> Wed, 24 Apr 2019 12:08:25 +0100
bitninja (1.29.0) stable; urgency=low
* ProxyFilter Module has been added to Agent. This module provides an API
to other modules which IP addresses are trusted proxies.
* Shogun will not send Incidents from trusted proxies.
* CaptchaHttp will use the IP address given by the trusted proxy, if a
request comes from a trusted proxy.
* MalwareDetection post detection scripts will receive a second parameter
with the malware's name.
* CaptchaHttp will trim the WAF static page uris form the original url.
-- bitninja.IO team <packaging@bitninja.io> Tue, 23 Apr 2019 17:40:56 +0100
bitninja (1.28.4) stable; urgency=low
* Japanese translation has been added to Captcha page.
* MalwareScanner's full scan paths can be defined in the MalwareScanner's
config.ini.
-- bitninja.IO team <packaging@bitninja.io> Tue, 16 Apr 2019 14:29:55 +0100
bitninja (1.28.3) stable; urgency=low
* IPv6 Incident Filter has been added to Shogun. We don't want to greylist
anyone by mistake if the feature is not enabled.
-- bitninja.IO team <packaging@bitninja.io> Thu, 11 Apr 2019 20:18:56 +0100
bitninja (1.28.2) stable; urgency=low
* Binding on IPv6 ports will only happen when IPv6 support is enabled and
implemented.
* Fixed SslTerminating module generated HAProxy configuration, which
contains IPv6 bindings.
* IpFilter won't wait for an hour if iptables rules can be fixed.
* Malwares found by MalwareScanner are separated from malwares found
by MalwareDetection.
-- bitninja.IO team <packaging@bitninja.io> Thu, 11 Apr 2019 12:51:58 +0100
bitninja (1.28.1) stable; urgency=low
* Fixed CaptchaFtp's missing resource check issue.
-- bitninja.IO team <packaging@bitninja.io> Tue, 02 Apr 2019 11:06:53 +0100
bitninja (1.28.0) stable; urgency=low
* IpFilter can create IPv6 ip6tables rules from now on. This feature is
currently experimental, and can be enabled in the config.ini.
* IPv6 ipsets are generated locally for ip6tables rules. These sets will
be flushed with every Agent restart.
* CaptchaHttp can serve IPv6 requests.
* PortHoneypot mine socket servers bind on IPv6, if IPv6 support is
enabled in IpFilter.
* WAF port redirection iptables rules contain comments from now on.
* IPv6 WAF port redirection rules will be created, if IPv6 support is
enabled in IpFilter.
* SslTermination works with IPv6 from now on.
-- bitninja.IO team <packaging@bitninja.io> Mon, 01 Apr 2019 13:24:11 +0100
bitninja (1.27.7) stable; urgency=low
* Reduced the false positive rate of the HexaBotnet MalwareDetection detector.
-- bitninja.IO team <packaging@bitninja.io> Mon, 25 Mar 2019 15:17:03 +0100
bitninja (1.27.6) stable; urgency=low
* HexaBotnet MalwareDetector has been added.
-- bitninja.IO team <packaging@bitninja.io> Thu, 21 Mar 2019 17:27:52 +0100
bitninja (1.27.5) stable; urgency=low
* DataProvider sends iptables and ipset version information and local IPv6 addresses to API for future IPv6 support.
* IpFilter creates local IPv6 user whitelist sets and adds local IPv6 addresses to whitelist.
-- bitninja.IO team <packaging@bitninja.io> Tue, 19 Mar 2019 19:39:31 +0100
bitninja (1.27.4) stable; urgency=low
* DefenseRobot sends collected correlation event info to the API. This information is available under the Infected Files menu.
* DefenseRobot IP incidents got a new incident type BL_BN_DEFENSE_ROBOT type for better filtering.
* Key exchange violation SenseLog Rule has been added to prevent key exchange degradation attacks.
-- bitninja.IO team <packaging@bitninja.io> Wed, 13 Mar 2019 14:57:22 +0100
bitninja (1.27.3) stable; urgency=low
* DefenseRobot generates normal incidents.
-- bitninja.IO team <packaging@bitninja.io> Tue, 19 Feb 2019 14:53:39 +0100
bitninja (1.27.2) stable; urgency=low
* CaptchaFtp module has been enabled by default.
* DefenseRobot has been prepared for Dashboard activation.
* New SenseLog LogDetectors and rules have been added: Plesk bruteforce detection, Magento downloader bot detection, LFD log detector. Wordpress XMLRPC SenseLog rule has been fine-tuned.
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 Feb 2019 14:12:49 +0100
bitninja (1.27.1) stable; urgency=low
* Fixed incorrect MalwareScanner progress status reporting.
* MalwareScanner can now download configurations from the API.
-- bitninja.IO team <packaging@bitninja.io> Fri, 08 Feb 2019 16:42:45 +0100
bitninja (1.27.0) stable; urgency=low
* A new beta module called DefenseRobot has been added. This module will help you find out who uploaded malware to the server and how they did it.
* DefenseRobot can be enabled via CLI: bitninjacli --module=DefenseRobot --enabled
* DefenseRobot module can find malware related log lines in Apache2 access logs, Nginx access logs and Ftp xferlogs.
* DefenseRobot can find malware related log lines in cPanel and Plesk logs.
* DefenseRobot can find malware related log lines in bitninja-waf access log.
* DefenseRobot can automatically greylist IPs related to malware upload.
-- bitninja.IO team <packaging@bitninja.io> Thu, 07 Feb 2019 17:46:51 +0100
bitninja (1.26.1) stable; urgency=low
* MalwareScanner remote scan call has been enabled on Agent side.
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 Feb 2019 18:24:22 +0100
bitninja (1.26.0) stable; urgency=low
* MalwareScanner has been improved with sheduled scan.
* MalwareScanner can now run a full system scan.
* Prepared MalwareScanner to report scan status to the API. These reports will be shown on the dashboard.
* MalwareScanner listens for signals during scan.
* MalwareScanner can continue interrupted scans from where they were stopped.
* Fixed CaptchaFtp's high CPU usage issue.
* Added reasonable connection timeout values for CaptchaFtp.
-- bitninja.IO team <packaging@bitninja.io> Thu, 31 Jan 2019 14:10:43 +0100
bitninja (1.25.5) stable; urgency=low
* CaptchaFtp has been disabled by default.
-- bitninja.IO team <packaging@bitninja.io> Fri, 18 Jan 2019 10:05:51 +0100
bitninja (1.25.4) stable; urgency=low
* CaptchaFtp has been enabled globally after the end of test period.
* WAFManager will upgrade the bitninja-waf package if the module's enabled.
-- bitninja.IO team <packaging@bitninja.io> Wed, 16 Jan 2019 10:11:30 +0100
bitninja (1.25.3) stable; urgency=low
* PortFilter feature has been added to IpFilter module. It can be used to allow incoming and outgoing greylisted IP connections for specific service ports.
* Outgoing mail service ports are now allowed to greylisted IPs.
* CaptchaFtp's IPC queue number has been changed to a unique one.
-- bitninja.IO team <packaging@bitninja.io> Fri, 11 Jan 2019 12:03:09 +0100
bitninja (1.25.2) stable; urgency=low
* CaptchaFtp module can be enabled and disabled through the BitNinja Dashboard and using bitninjacli, if needed. It's disabled by default.
-- bitninja.IO team <packaging@bitninja.io> Mon, 07 Jan 2019 11:01:04 +0100
bitninja (1.25.1) stable; urgency=low
* CaptchaFtp's downloadable file contains the server's IP address, where clients can solve the CAPTCHA.
-- bitninja.IO team <packaging@bitninja.io> Wed, 02 Jan 2019 17:28:12 +0100
bitninja (1.25.0) stable; urgency=low
* New CaptchaFtp module has been added.
-- bitninja.IO team <packaging@bitninja.io> Wed, 02 Jan 2019 15:45:42 +0100
bitninja (1.24.9) stable; urgency=low
* Browser Integrity Check's maximum usage can be changed in CaptchaHttp's config.ini file.
* CaptchaHttp caches the successful CAPTCHA event for few seconds.
* CaptchaHttp uses Location HTTP header instead of Refresh.
-- bitninja.IO team <packaging@bitninja.io> Thu, 27 Dec 2018 16:29:59 +0100
bitninja (1.24.8) stable; urgency=low
* SslTerminating module uses ConfigParser results for HAProxy config generation by default.
* ConfigParser's config file change check intervals have been doubled. Quick check runs every minute. Deep check runs every 8 minutes.
* ConfigParser's nice level changed to 10.
* SslTerminating module will strip port informations from collected domain names, if found.
-- bitninja.IO team <packaging@bitninja.io> Tue, 11 Dec 2018 16:57:13 +0100
bitninja (1.24.7) stable; urgency=low
* IpFilter PostScripts will run after iptables reload command has been received from Cli.
* CatpchaSmtp hash Cache expire time has been increased to 10 days.
* PortHoneypot will not start honeypots on email service ports, unless they're added to the config.ini.
* Debian 9 WAF package installation has been fixed. Already installed package will be updated.
-- bitninja.IO team <packaging@bitninja.io> Tue, 04 Dec 2018 14:03:52 +0100
bitninja (1.24.6) stable; urgency=low
* WAFManager initial wait time has been increased. This will help to prevent the issue when WAF iptables rules have been added before initial rule setup.
* Captcha pages content has been concatenated to prevent the rare missing CSS, Javascript issues.
-- bitninja.IO team <packaging@bitninja.io> Thu, 29 Nov 2018 16:17:15 +0100
bitninja (1.24.5) stable; urgency=low
* System module will migrate rpm BitNinja repos to use $releasever in repo url.
-- bitninja.IO team <packaging@bitninja.io> Wed, 14 Nov 2018 16:06:17 +0100
bitninja (1.24.4) stable; urgency=low
* No color command line option has been added to bitninja executable. It's useful when running the agent in Docker. Usage: /opt/bitninja/bitninja --nocolor
* Useful scripts have been added to Cli/scripts folder. The debug-outbound-ip script can be used to find blocked outbound connections. The force_recollect_ssl_certs.sh script can be used to flush and recollect SSL certificates.
* Cpanel EasyApache source folder has been added to MalwareDetection's exclude list.
* Reduced WAF iptables rule removal log's level to debug.
* Reduced failed API call's backtrace-log log level to debug.
* Fixed the issue about load informations not updating.
-- bitninja.IO team <packaging@bitninja.io> Tue, 06 Nov 2018 14:56:57 +0100
bitninja (1.24.3) stable; urgency=low
* SslTerminating module will check how many HAProxy processes have been started by it. In case more than one is running, it will stop them.
* SslTerminating module will not be reloaded, if an invalid certificate has been found.
* WAF redirection checks will examine the return code of curl, not just the output.
* The enabled/disabled CLI commands for the old WAF will call the WAFManager module from now on.
* WAFManager can be configured to create redirections for IPs based on interfaces.
-- bitninja.IO team <packaging@bitninja.io> Wed, 17 Oct 2018 18:25:40 +0100
bitninja (1.24.2) stable; urgency=low
* Reduced some of the SslTerminating module's logs to debug.
* SslTerminating module checks content of certlist files before inserting an entry in the certlist file too.
-- bitninja.IO team <packaging@bitninja.io> Fri, 12 Oct 2018 14:41:20 +0100
bitninja (1.24.1) stable; urgency=low
* IpFilter module rechecks supported ipset implementation every 5 minutes, when only nullIpset has been found.
* SslTerminating module removes expired certificates from the cert list file.
-- bitninja.IO team <packaging@bitninja.io> Wed, 10 Oct 2018 15:58:39 +0100
bitninja (1.24.0) stable; urgency=low
* Experimental ConfigParser beta module has been added. It will be used by SslTermitaing, and future modules to understand their environment better.
* HAProxy can be configured to be in front of WAF 2.0. It will help with connection keep alive releated issues.
* OpenLiteSpeed Realtime reports have been added to MalwareDetection exclude list.
* Spanish translation for Captcha page.
* MalwareDetection FileType filter has been added. It will prevent socket and fifo file checks.
-- bitninja.IO team <packaging@bitninja.io> Mon, 08 Oct 2018 13:26:34 +0100
bitninja (1.23.4) stable; urgency=low
* Cagefs directory added to MalwareDetection's exclude list.
* MalwareDetection now restarts the inotifywait process if there are any changes in the exclude or monitor configuration.
* A little correction added to the Spanish CAPTCHA page.
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Sep 2018 12:16:50 +0100
bitninja (1.23.3) stable; urgency=low
* We added two new SenseLog rules. The first one detects arbitrary file uploader bots, and the second one is for Joomla Spam regers.
* SenseLog is prepared for future remote config update.
* Instant blacklist action added to WAFManager. It can be enabled for rules in the config.ini.
* Virtual WAF honeypotify command added to CLI. It could be useful for blocking web shell access.
-- bitninja.IO team <packaging@bitninja.io> Wed, 05 Sep 2018 13:13:55 +0100
bitninja (1.23.2) stable; urgency=low
* Fixed WAF iptables port redirection rules when Simulated ipset is in use. The rules were not inserted in the correct chain before.
-- bitninja.IO team <packaging@bitninja.io> Tue, 28 Aug 2018 17:32:28 +0100
bitninja (1.23.1) stable; urgency=low
* MalwareScanner scan command supports glob file path patterns. Eg: --scan=/home/*/public_html
-- bitninja.IO team <packaging@bitninja.io> Tue, 21 Aug 2018 17:54:30 +0100
bitninja (1.23.0) stable; urgency=low
* New MalwareScanner module added. This way the malware protection and the malware finding will use different processes.
* MalwareDetection and MalwareScanner modules support reload from CLI. For now it's the same as module restart.
* New --add-file-to-signature-set CLI option added. With it you can add a file to your local md5 malware signature set.
-- bitninja.IO team <packaging@bitninja.io> Tue, 14 Aug 2018 13:46:46 +0100
bitninja (1.22.7) stable; urgency=low
* WAFManager will update downloaded configrations on start up, if they're older than one day.
* SenseLog's false positive rule config has been updated.
-- bitninja.IO team <packaging@bitninja.io> Fri, 03 Aug 2018 12:54:23 +0100
bitninja (1.22.6) stable; urgency=low
* Module remote enable/disable bug has been fixed.
-- bitninja.IO team <packaging@bitninja.io> Wed, 01 Aug 2018 15:30:12 +0100
bitninja (1.22.5) stable; urgency=low
* MalwareDetection checks when restoring from quarantaine whether the destination is a symlink. The module will not restore the file if this is the case.
* Special thanks to RACK911LABS.COM for notifying us about the above-mentioned issue.
* IpFilter's double iptables restore bug has been fixed.
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Jul 2018 14:35:31 +0100
bitninja (1.22.4) stable; urgency=low
* BitNinja agent runs lfd integration and adds bitninja-waf and bitninja-ssl-termintaion to lfd's pignore. This will prevent false alarms about BitNinja.
* The agent has been prepared to handle new license types.
* The module enable and disable methods had been unified. SenseLog can be enabled and disabled from the Dashboard.
-- bitninja.IO team <packaging@bitninja.io> Tue, 24 Jul 2018 15:01:19 +0100
bitninja (1.22.3) stable; urgency=low
* SenseLog will ignore cPanel .bkup logs for ApacheAccessLog detector.
-- bitninja.IO team <packaging@bitninja.io> Mon, 16 Jul 2018 14:12:01 +0100
bitninja (1.22.2) stable; urgency=low
* SslTerminating module has health check, which runs every minute.
* SslTerminating module validates the content of the certificate list file and removes invalid entries.
* WAFManager can start the WAF on those servers that haven't got a default site enabled.
* Files created by BitNinja are now only accessible by root.
-- bitninja.IO team <packaging@bitninja.io> Fri, 13 Jul 2018 16:45:50 +0100
bitninja (1.22.1) stable; urgency=low
* Little correction in SenseLog default log file detector configuration. Some falsely detected files will be ignored.
-- bitninja.IO team <packaging@bitninja.io> Tue, 10 Jul 2018 12:45:05 +0100
bitninja (1.22.0) stable; urgency=low
* SenseLog module has been completely refactored. It's speed has improved 109 times.
* SenseLog can use the Aho-Corasick algorithm to match plain text.
* SenseLog can check files in different frequencies based on how often their content changes.
* SenseLog module can be enabled or disabled from Cli/Dashboard on the agent's side. The Dashboard frontend for enabling and disabling will be implemented later.
* SenseLog can download and reload LogDetector and RuleObject configs. Rules and detector settings will be editable through the BitNinja Dashboard in the future.
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Jul 2018 12:01:50 +0100
bitninja (1.21.0) stable; urgency=low
* BitNinja SslTerminating module supports HTTP2/h2.
* BitNinja SslTerminating module's migrations run at module time. This way unseen errors won't interrupt other modules' starting processes.
* BitNinja SslTerminating module's memory limit can be changed in config.ini. Minimum value is 100 MB, default value is 2 GB.
-- bitninja.IO team <packaging@bitninja.io> Tue, 19 Jun 2018 13:00:59 +0100
bitninja (1.20.10) stable; urgency=low
* SslTermination module downloads the latest bitninja-ssl-termination package. SslTermination supports h2.
The default bind option is h2,http1.1 for HAProxy. It can be changed in the config.ini.
-- bitninja.IO team <packaging@bitninja.io> Wed, 13 Jun 2018 17:55:03 +0100
bitninja (1.20.9) stable; urgency=low
* IpFilter HAProxy Access Control Support has been added for HTTPS connections.
The connection won't be terminated from now on: they will be directed to a different backend instead.
-- bitninja.IO team <packaging@bitninja.io> Fri, 08 Jun 2018 11:25:35 +0100
bitninja (1.20.8) stable; urgency=low
* Changed System module repo fixer to use improved OS detection.
* SslTerminating module checks if /etc/nginx/nginx.conf is present.
-- bitninja.IO team <packaging@bitninja.io> Thu, 31 May 2018 18:04:06 +0100
bitninja (1.20.7) stable; urgency=low
* OpenSuSE compatible changes have been made.
* OS detection has been improved for further compatiblity changes.
* Agent will wait 7 seconds before starting if csf has been found to prevent xtables lock on startup.
-- bitninja.IO team <packaging@bitninja.io> Thu, 10 May 2018 20:02:45 +0100
bitninja (1.20.6) stable; urgency=low
* SslTerminating module's Nginx certficate miner supports ssl on Nginx option.
* CaptchaHttp now uses proxy's IP address instead of client's in incidents that came from HTTPS.
* KeyCDN edge servers has been added to whitelist.
-- bitninja.IO team <packaging@bitninja.io> Tue, 08 May 2018 18:01:17 +0100
bitninja (1.20.5) stable; urgency=low
* Fixed WAFManager's 'Waiting for configuration download finish' infinite loop bug.
-- bitninja.IO team <packaging@bitninja.io> Fri, 27 Apr 2018 11:50:29 +0100
bitninja (1.20.4) stable; urgency=low
* CAPTCHA pages use recaptcha.net instead of google.com. This way the CAPTCHA will appear in China too.
-- bitninja.IO team <packaging@bitninja.io> Thu, 26 Apr 2018 14:10:42 +0100
bitninja (1.20.3) stable; urgency=low
* Danish translation has been added to CAPTCHA page.
* WAF/WAFManager will remove WAF related iptables rules on Agent stop.
* SslTerminating module now can collect certificates from misconfigured Apache configs too.
* The value of min_free_kbytes has been increased to the 10% of the server total memory (2GB is the maximum). This will fix page allocation failure on tcp calls.
-- bitninja.IO team <packaging@bitninja.io> Wed, 18 Apr 2018 16:25:57 +0100
bitninja (1.20.2) stable; urgency=low
* MalwareDetection First line cleaner has been enabled globally.
* Permissions are fixed when MalwareDetection restores file from quarantaine.
* PortHoneypot checks if mysqld is available and it will ignore port 3306.
* BitNinja Cli collects more log information.
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 Apr 2018 18:07:19 +0100
bitninja (1.20.1) stable; urgency=low
* Improvements in CaptchaHttp successful CAPTCHA redirections. It should fix the missing verify.php issue.
-- bitninja.IO team <packaging@bitninja.io> Wed, 28 Mar 2018 14:19:23 +0100
bitninja (1.20.0) stable; urgency=low
* BitNinja-dojo dependency increased to 2.2.0. AhoCorasick PHP extension added. Aho-Corasick multiple string search algorithm is 80 times faster than strpos-foreach.
* MalwareDetection uses the Aho-Corasick algorithm for Hex detector. Performance is improved by 1000-3000% approximately.
* First-line PHP injection cleaner experimental detector added to MalwareDetection. This detector will clean the infected file instead of moving it to quarantine. It can be enabled in the config.ini.
-- bitninja.IO team <packaging@bitninja.io> Tue, 27 Mar 2018 19:23:14 +0100
bitninja (1.19.7) stable; urgency=low
* MalwareDetection file type witelisting feature has been improved. It means 50% performance improvement.
* WAFManager log directory creation permission has been fixed. Logrotate will not issue an error about it.
-- bitninja.IO team <packaging@bitninja.io> Thu, 22 Mar 2018 13:01:12 +0100
bitninja (1.19.6) stable; urgency=low
* BitNinja-dojo dependency increased to 2.1.0. It's a PHP 7.2.3 interpreter, which supports pthread for further performance improvements.
* Netfilter conntrack limit dependencies can be changed in /etc/bitninja/IpFilter/config.ini. Not advised.
-- bitninja.IO team <packaging@bitninja.io> Mon, 19 Mar 2018 14:44:15 +0100
bitninja (1.19.5) stable; urgency=low
* WAFManager uses DNAT for iptables redirections to support virtual IP addresses.
-- bitninja.IO team <packaging@bitninja.io> Thu, 08 Mar 2018 17:42:38 +0100
bitninja (1.19.4) stable; urgency=low
* PHP 7.2 compatible code changes releated to OutboundWAF.
* WAFManager retries to bind on its port 3 times.
-- bitninja.IO team <packaging@bitninja.io> Wed, 07 Mar 2018 17:38:34 +0100
bitninja (1.19.3) stable; urgency=low
* PortHoneypot excludes cPanel and Plesk service ports.
* Agent log levels and messages had been corrected. Unused code lines had been removed.
* PHP 7.2 compatible code changes.
-- bitninja.IO team <packaging@bitninja.io> Thu, 01 Mar 2018 15:44:33 +0100
bitninja (1.19.2) stable; urgency=low
* Greylist and Blacklist enabled for everyone.
-- bitninja.IO team <packaging@bitninja.io> Tue, 13 Feb 2018 12:42:48 +0100
bitninja (1.19.1) stable; urgency=low
* DirectAdmin user counting method improved. Special thanks to Duncan Emanuels for the cooperation.
* WAFManager HTTPS protection can be enabled through Dashboard - for Alpha testers only.
* PHP 7.2 compatibility changes made for the upcoming Dojo.
-- bitninja.IO team <packaging@bitninja.io> Thu, 08 Feb 2018 17:40:09 +0100
bitninja (1.19.0) stable; urgency=low
* WAFManager checks bitninja-waf service status every 2 minutes. This will ensure protection is up and running.
* WAFManager supports HTTPS configuration. New bitninja-waf and downloaded config version were needed.
* WAFManager automatically updates bitninja-waf to latest release.
-- bitninja.IO team <packaging@bitninja.io> Tue, 23 Jan 2018 16:56:34 +0100
bitninja (1.18.14) stable; urgency=low
* Relative path can be used with CLI.
* Exclude /home/virtfs from Malware Detection.
-- bitninja.IO team <packaging@bitninja.io> Wed, 17 Jan 2018 18:41:39 +0100
bitninja (1.18.13) stable; urgency=low
* File permission severity increased for SSL termination related folders.
* CaptchaHttp BIC page is only shown once for HTTPS connections.
-- bitninja.IO team <packaging@bitninja.io> Thu, 04 Jan 2018 18:21:08 +0100
bitninja (1.18.12) stable; urgency=low
* CaptchaHttp misleading incident type corrected when greylisted connections only load CAPTHCA page.
* SslTerminating error message reduced to info level, when no certificate file available yet for HAProxy.
* WAFManager start-up error fixes.
* IpFilter module now asks System module to reactivate other modules, when iptables rules have to be reloaded.
-- bitninja.IO team <packaging@bitninja.io> Wed, 03 Jan 2018 18:30:12 +0100
bitninja (1.18.11) stable; urgency=low
* Applebot added to whitelist.
* PHP 7 compatibility improvements.
* WAFManager configuration reload error fixed when the request is taking too long.
-- bitninja.IO team <packaging@bitninja.io> Thu, 21 Dec 2017 12:47:13 +0100
bitninja (1.18.10) stable; urgency=low
* Bugfix: WAFManager won't generate an incident every time the WAF module blocks a request.
-- bitninja.IO team <packaging@bitninja.io> Tue, 12 Dec 2017 18:09:17 +0100
bitninja (1.18.9) stable; urgency=low
* Pingdom added to global whitelist.
* New CLI option --remove-rules added. It can be used to remove every iptables and ipset added by BitNinja.
* BitNinja module processes can be started, stopped and restarted from CLI.
* Translations added to BIC page.
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Dec 2017 16:37:56 +0100
bitninja (1.18.8) stable; urgency=low
* pinterest.com added to domain whitelist.
* Porthoneypot now skips TCP echo (port 7).
* CaptchaHttp will only generate incidens if ? is present in uri.
* Almost every BitNinja module can receive enabled, disabled, reload commands.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 Nov 2017 15:20:59 +0100
bitninja (1.18.7) stable; urgency=low
* Socket files excluded from Malware Detection module configuration.
* Ssl Terminating and WAF Manager module error logs now saved to mod.ssl_termiting.log and mod.waf_manager.log.
* Minor bug fixes in Browser Integrity Check and Ssl Terminating module.
-- bitninja.IO team <packaging@bitninja.io> Mon, 13 Nov 2017 15:39:35 +0100
bitninja (1.18.6) stable; urgency=low
* Magento magmi.php and magmi.ini Log Analyzer filter had been disabled.
* PortHoneypot will not create honeyport on port 43.
* WAFManager's Audit logging is disabled by default, because it generates too many logs.
-- bitninja.IO team <packaging@bitninja.io> Thu, 09 Nov 2017 16:30:51 +0100
bitninja (1.18.5) stable; urgency=low
* Small fixes in Browser Integrity Check. These will reduce false positive delistings.
* Loading CAPTCHA page or Browser Integrity Check page will generate 'mistake level' incidents. Ten 'mistake level' incidents count as one 'normal level' incident.
* Small UI fixes on CAPTCHA page.
-- bitninja.IO team <packaging@bitninja.io> Tue, 31 Oct 2017 14:44:42 +0100
bitninja (1.18.4) stable; urgency=low
* Small fixes in Browser Integrity Check. These will reduce false positive delistings.
-- bitninja.IO team <packaging@bitninja.io> Fri, 27 Oct 2017 16:32:41 +0100
bitninja (1.18.3) stable; urgency=low
* When the IpFilter module starts up, it will remove all rules left in iptables filter table which have the comment: "Rule added by Bitninja".
-- bitninja.IO team <packaging@bitninja.io> Thu, 19 Oct 2017 12:08:51 +0100
bitninja (1.18.2) stable; urgency=low
* Log rotation added for log files under /var/log/bitninja/WAFManager.
* Minor bugfixes in Browser Integrity Check.
-- bitninja.IO team <packaging@bitninja.io> Wed, 18 Oct 2017 16:43:23 +0100
bitninja (1.18.1) stable; urgency=low
* Fixed a redirection bug on Browser Integrity Check
-- bitninja.IO team <packaging@bitninja.io> Mon, 16 Oct 2017 16:00:25 +0100
bitninja (1.18.0) stable; urgency=low
* Added Browser Integrity Check to the CAPTCHA module for greylisted connections on HTTP and HTTPS
-- bitninja.IO team <packaging@bitninja.io> Mon, 16 Oct 2017 14:09:40 +0100
bitninja (1.17.4) stable; urgency=low
* WAFManager supports ModSecurity v3.
-- bitninja.IO team <packaging@bitninja.io> Fri, 13 Oct 2017 16:43:06 +0100
bitninja (1.17.3) stable; urgency=low
* Small correction in the parsing of nginx configs.
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Oct 2017 16:09:16 +0100
bitninja (1.17.2) stable; urgency=low
* Cpanel internal users, mailman, clamav users are not counted in non system users number.
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Oct 2017 14:10:13 +0100
bitninja (1.17.1) stable; urgency=low
* The quarantine functionality in the Malware Detection module is configurable now: it is enabled by default and can be
disabled in the module's config.ini file. Plus it is now possible to add post-detection, post-quarantine and post-honeypotify scripts.
* Added prefiltering mechanism for the SenseLog module, which should reduce the CPU usage.
* WAFManager supports 32 bit operation systems.
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 Sep 2017 16:49:10 +0100
bitninja (1.17.0) stable; urgency=low
* New WAFManager beta module added. This module will replace the current WAF. Currently it can be started through CLI only.
It will only work in log mode till the beta test is finished.
* External IPs extracted by dig added to local whitelists, too. This will reduce the number of false positives.
-- bitninja.IO team <packaging@bitninja.io> Mon, 18 Sep 2017 17:05:19 +0100
bitninja (1.16.24) stable; urgency=low
* Successful CAPTCHA solving now removes the last IP from the greylist in the X-FORWARDED-FOR header too,
if local reverse proxy is used. This will help removing greylisted CDN IPs from the greylist.
* Multiple config parser bugs fixed in SslTerminating certificate miners.
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Sep 2017 18:50:11 +0100
bitninja (1.16.23) stable; urgency=low
* Apache certificate miner uses ServerRoot directive when following relative includes.
-- bitninja.IO team <packaging@bitninja.io> Fri, 01 Sep 2017 14:12:43 +0100
bitninja (1.16.22) stable; urgency=low
* Ssl Terminating certificate miners support Nginx and LiteSpeed.
-- bitninja.IO team <packaging@bitninja.io> Mon, 28 Aug 2017 13:40:40 +0100
bitninja (1.16.21) stable; urgency=low
* Bugfix: IP removal from heimdall-nt-blacklist and heimdall-essetiallist when an IP address is removed from the
greylist will happen correctly from now on.
-- bitninja.IO team <packaging@bitninja.io> Wed, 23 Aug 2017 17:46:32 +0100
bitninja (1.16.20) stable; urgency=low
* More precise log file filtering has been added to SenseLog module, which will leave unneeded files alone in CPanel's domlogs.
This will reduce CPU usage on CPanel. Special thanks to Giuseppe Tanzilli for the assistance.
* SenseLog SQL Injection filter has been enabled, after successful beta testing.
-- bitninja.IO team <packaging@bitninja.io> Wed, 23 Aug 2017 12:44:04 +0100
bitninja (1.16.19) stable; urgency=low
* Bugfix in the IpSetAddIp/IpSetDelIp commands to avoid set size calculation errors.
* Post-quarantine script execution in MalwareDetection module's Quarantine Manager was fixed.
* System module will fix the repository automatically, in case a wrong one has been installed before.
* Bugfix in the SslTerminating module. Package installation problems in case of Centos 7 or Cloud Linux 7 have been fixed.
* DNS filtering is disabled, until DNS Captcha feature is fully implemented.
-- bitninja.IO team <packaging@bitninja.io> Thu, 10 Aug 2017 12:25:09 +0100
bitninja (1.16.18) stable; urgency=low
* AntiFlood feature is enabled by default for servers with Free license.
* Agents won't send incidents about an IP after successfully solving the Captcha with the next batch of incident sending.
* New SQL injection beta pattern was added to SenseLog. It will detect basic SQL injection attempts.
-- bitninja.IO team <packaging@bitninja.io> Thu, 03 Aug 2017 16:37:06 +0100
bitninja (1.16.17) stable; urgency=low
* Reduced tresholds - to 60 secs - to PostfixLogin supervisor to avoid false-positives.
* Reduced OutboundWAF domain cache to 5 minutes. This will reduce connection errors, when remote server IP address is changed.
* BitNinja doesn’t wait 10 seconds after start. This reduces startup time.
* Greylist and blacklist got disabled for servers with Free license.
* Two Blind SQL injection beta rules were added to SenseLog. These rules will not generate incidents on the Dashboard during the beta test.
-- bitninja.IO team <packaging@bitninja.io> Thu, 27 Jul 2017 18:40:54 +0100
bitninja (1.16.16) stable; urgency=low
* New Api server IPs added to IpFilter's whitelist.
* Apache Enumeration Filter only checks author enumeration when it's the only parameter. This will reduce false positives made by this filter.
* DataProvider use static_pcntl_sleep, this way it won't stuck in 'Waiting for IpFilter to load sets' state.
* SimulatedIpset missing rule checking feature added. This will make SimulatedIpset implementaion more robust.
* User white and blacklist priority switched. Previous order made some confusions, now user whitelist has the highest priority.
-- bitninja.IO team <packaging@bitninja.io> Tue, 18 Jul 2017 17:51:35 +0100
bitninja (1.16.15) stable; urgency=low
* Inotify logs rotate every hour, for better performance.
* Comment function added to black/whitelisting via cli. Use it like: bitninjacli --whitelist --add 1.2.3.4 --comment "My comment."
-- bitninja.IO team <packaging@bitninja.io> Mon, 10 Jul 2017 15:16:19 +0100
bitninja (1.16.14-1) stable; urgency=low
* Built-in inotify log rotation by Logrotate for better management of growing log files.
* Dutch translation added to the Captcha page.
* Simulated ipset restoring bug fixed. Country block feature supports simulated ipset from now on.
-- bitninja.IO team <packaging@bitninja.io> Fri, 07 Jul 2017 17:41:29 +0100
bitninja (1.16.13) stable; urgency=low
* New cli command: restore file from quarantine to the original path and with the original owner,
group and permissions. bitninjacli --restore.
* MalwareDetection inotifywait counter made more precise. This will prevent inotifywait from start multiple times.
* Bugfix of IpFilter's iptables rule check function.
* IpFilter now looking for missing filter table rules too. This will make the agent more compatible
with some firewall solutions.
* IpFilter set activation result is monitored, and if it failed for a set it will create an empty set for it,
and try to reload it every 5 minutes till it's successfully restored.
-- bitninja.IO team <packaging@bitninja.io> Fri, 30 Jun 2017 14:58:46 +0100
bitninja (1.16.12) stable; urgency=low
* Bitninja won't restart inotifywait process before upgrades. This will reduce Bitninja startup load.
-- bitninja.IO team <packaging@bitninja.io> Mon, 26 Jun 2017 12:14:34 +0100
bitninja (1.16.11) stable; urgency=low
* When more than one inotifywait processes are running, bitninja will stop the unnecessary ones. This
will reduce load generated by inotifywait.
* Null Object iptables, ipset, ip list implementation added to IpFilter. This way missing permissions
or implementation will not make errors.
* CaptchaHttp XSS vulnerability fixed.
* SenseLog's configuration can be reloaded via Cli, like bitninjacli --module=SenseLog --reload
* New log paths can be added to SenseLog's config.ini in a pattern manner like: /var/apache2/*/*_access.log.
-- bitninja.IO team <packaging@bitninja.io> Thu, 22 Jun 2017 12:36:31 +0100
bitninja (1.16.10) stable; urgency=low
* Exclude MariaDB database and index file format from inotify watching.
* IpFilter checks if there isn't any ipset implementation available (iptables rules cannot be added).
* Problem with unparseable year information from log lines by Senselog is fixed.
* License information can be queried by the Cli. It can be free, trial, ok (means pro license)
-- bitninja.IO team <packaging@bitninja.io> Thu, 15 Jun 2017 12:07:55 +0100
bitninja (1.16.9) stable; urgency=low
* New User Agent filter added to SenseLog. It will put every request made by specified user agents
listed in the config.ini on greylist. First enabled agent is: ANTIPIDERSIA
* Postfix login filter became a mature feature, generating incidents on the Dashboard.
* Maximum request processing time added for CaptchaHttp.
* PortHoneypot most scanned port list updated with new ports.
-- bitninja.IO team <packaging@bitninja.io> Tue, 06 Jun 2017 17:03:59 +0100
bitninja (1.16.8) stable; urgency=low
* SenseLog parse year informations correctly from log lines. Reducing SenseLog false positive rate.
* CaptchaHttp will not send incidents about get requests for favicon.ico. Reducing CaptchaHttp false
positive rate.
* CaptchaHttp now sends remote connection's port number too.
* The SMTP Captcha response text is nicer.
* Fixed the issue which caused the time zones to be truncated in some cases.
Thanks for the help for Brad Bell.
* TalkBack module disabled, because it will be replaced with another solution.
-- bitninja.IO team <packaging@bitninja.io> Tue, 30 May 2017 17:39:59 +0100
bitninja (1.16.7) stable; urgency=low
* MalwareDetection module sends malware infos to Api.
These informations will be shown on the Dashboard.
* Some improvements for UserCountCommand. This will be used in further pricing options.
* Loader gif added to the Captcha form.
-- bitninja.IO team <packaging@bitninja.io> Fri, 19 May 2017 14:43:26 +0100
bitninja (1.16.6) stable; urgency=low
* SystemHealtCmd runs every 3 minutes instead of one.
* Fixed ipset v4 heimdall-whitelist-net creation error when CIDR prefix is 32.
-- bitninja.IO team <packaging@bitninja.io> Tue, 16 May 2017 14:33:03 +0100
bitninja (1.16.5) stable; urgency=low
* Shogun now checks whitelist-net -s too, if an incident arrived. This way ips won get in
greylist or temporary blacklist when incident generated from a white listed ip.
* CaptchaPage no will wait 2 second before forwarding visitors to their destination after
successfully solving the Captcha. This should help preventing regreylisting after
solving the Captcha.
-- bitninja.IO team <packaging@bitninja.io> Fri, 12 May 2017 14:00:20 +0100
bitninja (1.16.4) stable; urgency=low
* DataProvider sends servers local user number to API.
This number will be used in further pricing options.
-- bitninja.IO team <packaging@bitninja.io> Thu, 04 May 2017 11:18:30 +0100
bitninja (1.16.3) stable; urgency=low
* Plesk Log (/var/www/vhosts/system/*/logs/access_log) route added to SenseLog.
* /var/www route added to MalwareDetection file_path-s.
* PortHoneypot checks if port is in use before creating a redirection.
-- bitninja.IO team <packaging@bitninja.io> Mon, 24 Apr 2017 14:12:20 +0100
bitninja (1.16.2) stable; urgency=low
* SslTerminating module can be enabled through dashboard.
* Replaced PHP-serialization in the Web Honeypot module with JSON-based serialization
due to security reasons. Previous honeypots are not compatible, the module will log
an error in cases where the data can't be JSON-decoded. The error message contains
the received data, the old honeypot can be found using this information.
* OutboundWAF handles symlinks correctly in cwd.
* You can convert a file to a honeypot through bitninjacli,
with bitninjacli --webhoneypot --file=/path/to/file.
* CLI help text updated with new commands.
* IpFilter greylist restoring for ipsetv6 moved to the module loop.
This way IpFilter rules are set after the first chunk loaded.
* Ipset restore nice level now set to 19 for the remaining greylist chunks.
This can probably decrease Bitninja start up load level.
-- bitninja.IO team <packaging@bitninja.io> Tue, 18 Apr 2017 09:31:49 +0100
bitninja (1.16.1) stable; urgency=low
* OutboundWAF only uses ss, if a malicious request is caught.
This can solve OutboundWAF high load issue on some servers.
* OutboundWAF ipc queue number was changed from 516 to 518.
* Multiple optimization added for SenseLog. Its performance improved with 645%.
* Multilingual support added to CaptchaSmtp page.
* ApacheWpXmlrpcSuspiciousUserAgent Filter is now active.
This rule looks for Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1,
which is used by a scanner.
-- bitninja.IO team <packaging@bitninja.io> Thu, 06 Apr 2017 13:44:38 +0100
bitninja (1.16.0) stable; urgency=low
* New module: SslTerminating added. This module uses HAProxy to terminate https connections.
If a greylisted IP tries to connect on https(443 port) the Captcha page will appear.
* - Module can be enabled through bitninjacli by adding --module=SslTerminating --enabled to it.
* - HAProxy configs could be regenerated by --regenerate.
* - HAProxy configs can be reloaded by --reload.
-- bitninja.IO team <packaging@bitninja.io> Mon, 27 Mar 2017 09:24:23 +0100
bitninja (1.15.0) stable; urgency=low
* Fix passing variables on verify page.
* Prevent displaying double submit button.
* Update Spanish translation, add Russian translation to Captcha page.
* Add Greek, Indonesia and Portugal translations to Captcha page.
* CaptchaHttp socket listen backlog size can be set in config.ini. It's default value is set to 50.
This number shows how many connection can be waiting for processing at the same time.
Php default value is 32.
* * Fixed two bugs that may have caused the refusal of successful CAPTCHAs:
* * The CAPTCHA page contained two form nodes, one nested into the other.
While the tested modern browsers parsed the document correctly, some other browsers could have
parsed it differently and could have sent incorrect or partial data.
* * On some of the servers, queries to the ReCaptcha2 API failed with the error string "invalid-json".
This is a known bug in Google's ReCaptcha library (https://github.com/google/recaptcha/issues/103)
which causes the requests to fail with the default request method.
To avoid this, we changed the request method.
* Country block feature: users can put ip ranges from zone files on their user whitelist and user
blacklist. New removeFile() function to delete the set file and force the client to download the
new file. Users can select countries on admin.bitninja.io and the ReloadIpsetCommand will be executed
to reload the ipset and iptables rules.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 Mar 2017 14:18:35 +0100
bitninja (1.14.1) stable; urgency=low
* Fixed checking missing data in CaptchaHTTP to prevent undefined offset errors.
* New wp-login filter to prevent false-positives for customers using Wordpress websites.
Maximum retires for requests without redirect_to and reauth parameters changed to 50 in 30 minutes.
For requests that contain redirect_to and reauth parameters, the number of maximum retires is
100 in 30 minutes.
* More specific Joomla login filter to prevent false-positives.
* The DataProvider module calculates the count of IPs in each set incrementally, that is, it queries
the size of the sets and adds or subtracts from this number whenever an IP is added or removed.
To reduce the inaccuracy of this method, the module will periodically query the size of the whole sets.
* Local timestamp added to SenseLog incident log lines.
-- bitninja.IO team <packaging@bitninja.io> Fri, 03 Mar 2017 11:21:51 +0100
bitninja (1.14.0) stable; urgency=low
* New feature: Bitninja Agent can handle ip ranges.
* User white listing and black listing by netmask supported by Agent.
* Whitelisting bugix added for Simulated ipset. Defult target for whitelist chains set to ACCEPT.
This means proxy and own rules could be malfunctioning.
You can use IpFilter post-script-s for solving this issue.
-- bitninja.IO team <packaging@bitninja.io> Fri, 24 Feb 2017 14:18:39 +0100
bitninja (1.13.1) stable; urgency=low
* OutboundWAF incidens send IncidentProcesss and IncidentFiles as array instead of objects.
-- bitninja.IO team <packaging@bitninja.io> Wed, 22 Feb 2017 09:24:26 +0100
bitninja (1.13.0) stable; urgency=low
* OutboundWAF module added. This module monitors all out going HTTP requests, and if anything that its
given rules match, the module tries to identify the process and the files that the process uses.
* This module tries to help Administrators to indentify malwares.
* WAF module had been refactored, to further upgrades should be easier to add.
-- bitninja.IO team <packaging@bitninja.io> Mon, 20 Feb 2017 10:26:30 +0100
bitninja (1.12.14) stable; urgency=low
* CaptchaHttp use Google reCAPTCHA 2.
* SenseLog only pulls the last 1024 lines from log files instead of 10000.
-- bitninja.IO team <packaging@bitninja.io> Fri, 10 Feb 2017 15:08:34 +0100
bitninja (1.12.13) stable; urgency=low
* Vietnamese and German translation added to capthca page.
* Domain whitelisted .eset.com, .securityspace.com, .securityspace.net. http://downuptime.net/
ip added to whitelisted IPs.
* Warn log added, if any other inofitywait process is running
when MalwareDetection try to start inotifywait.
* QuarantineManager will use BlueCmdBuilder instead of BlueExec
to avoid command injection via the filename.
* TalkBack now will continue if, 404 error code retrieved from attacker.
* New test rule added for xmlrpc POST request by suspicious user agent
(Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1)
* IpFilter runs post-up scripts. Post-up scripts can be executable placed in IpFilter config directory.
-- bitninja.IO team <packaging@bitninja.io> Wed, 01 Feb 2017 18:42:45 +0100
bitninja (1.12.12) stable; urgency=low
* Fix for CatpchaHttp Url validation. It fixes 500 HTTP errors when loading static contents
for CatpchaPages.
-- bitninja.IO team <packaging@bitninja.io> Tue, 17 Jan 2017 19:45:35 +0100
bitninja (1.12.11) stable; urgency=low
* Quickfix for CaptchaHttp directory traversal attack protection bug.
-- bitninja.IO team <packaging@bitninja.io> Mon, 16 Jan 2017 14:24:01 +0100
bitninja (1.12.10) stable; urgency=low
* CaptchaChallenge pages now use 403 status code instead of 200. Good bots should notice and leave it.
* Wordpress wp-login filter treshold increased to 100 attempts.
* IpsetV6 keeps the downloaded compressed greylist file.
* CaptchaHttp now more carefully looks for directory traversal attack attempt.
-- bitninja.IO team <packaging@bitninja.io> Thu, 12 Jan 2017 15:17:13 +0100
bitninja (1.12.9) stable; urgency=low
* Made VersionDataProviderCommand more robust.
* DataProvider won't count the IPs in each set. It will use an initial count and a difference
updated by the IpFilter using a command.
* New Api server IPs added to iptables rules to avoid their blacklisting
* Crash report now only sends the first 100 lines of iptables rules per table.
-- bitninja.IO team <packaging@bitninja.io> Wed, 04 Jan 2017 18:14:40 +0100
bitninja (1.12.8) stable; urgency=low
* API key is always sent to API via POST request.
* Greylist restoring separated in 10 steps for better performance.
-- bitninja.IO team <packaging@bitninja.io> Wed, 21 Dec 2016 16:01:13 +0100
bitninja (1.12.7) stable; urgency=low
* TwitterBot is now domain-whitelisted.
* SenseLog nice level can be set in config.ini, now set to 15.
* MalwareDetection inotify version check fixed. Only supported version 3.14.
* SimulatedIpset will flush chains over 10000 IPs due to performance problem.
* SenseLog MysqlLogin and FtpPureftpd filters taken out from test stage.
* Disabled the pure-ftpd filter by default. Can be reenabled in /etc/bitninja/SenseLog/config.ini.
-- bitninja.IO team <packaging@bitninja.io> Tue, 20 Dec 2016 15:37:42 +0100
bitninja (1.12.6) stable; urgency=low
* IpFilter turn on for everyone.
* Whitelisting some missing Google mail servers.
* Whitelisting ebay.com.
* Bugfix for CaptchaHttp request string pharsing.
* Bugfix for CaptchaHttp redirection.
-- bitninja.IO team <packaging@bitninja.io> Wed, 16 Nov 2016 16:40:46 +0100
bitninja (1.12.5) stable; urgency=low
* SenseLog supervisors can be disabled in /etc/bitninja/SenseLog/config.ini.
* CaptchaHttp now checks remote address at connection time.
* DosDetection LocalIp filter undefined interface address bug fixed.
* Turkish translation added to CaptchaHttp. Thanks for Egehan D. from Hostinger.com
* Joomla Brute force detection rule added to SenseLog.
* New Plesk logroute added to SenseLog.
-- bitninja.IO team <packaging@bitninja.io> Fri, 04 Nov 2016 17:48:31 +0100
bitninja (1.12.4) stable; urgency=low
* AnitFlood Black listing limit decreased to 15 from 30.
* DosDetection now will not watch local ips.
* Fix in WAF enabling checking.
* Users now can override default multilanguage template file
with /etc/bitninja/CaptchaHttp/www/captcha_challenge_template.html.
* StartTLS support added to CaptchaSmtp by Robert Campbell. Many thanks for your help with it :).
-- bitninja.IO team <packaging@bitninja.io> Mon, 24 Oct 2016 15:58:42 +0100
bitninja (1.12.3) stable; urgency=low
* binaryedge.ninja, uptimerobot.com added to domain whitelist.
* apache2, nginx, lighttpd, mysql should start before BitNinja.
-- bitninja.IO team <packaging@bitninja.io> Tue, 18 Oct 2016 15:29:10 +0100
bitninja (1.12.2) stable; urgency=low
* Native blacklist management refactored.
-- bitninja.IO team <packaging@bitninja.io> Tue, 27 Sep 2016 11:28:45 +0100
bitninja (1.12.1) stable; urgency=low
* Bitninja use segmented blacklist for ipset v4.
-- bitninja.IO team <packaging@bitninja.io> Thu, 22 Sep 2016 21:18:07 +0100
bitninja (1.12.0) stable; urgency=low
* New log rule for Postfix added.
* Porthoneypot now waits 30 minutes before starting after server restart.
* Symantec.com is now whitelisted.
* Nodeping server monitoring is now domain-whitelisted.
* New incident level newLog added.
* New Sql injection detector rules added to WAF.
* Users can define their own WAF rules at /etc/bitninja/WAF/Rules/userRules.php.
* Users can define their valid requests at /etc/bitninja/WAF/Rules/userValidRequests.php for testing purpose.
* WAF uses php arrays for rule definition instead of ini format.
* WAF can be started in logging mode, which is not interfearing with HTTP requests. It can be set in the config.ini.
* File upload filter added to WAF in order to decrease false positive matches when file upload.
-- bitninja.IO team <packaging@bitninja.io> Wed, 14 Sep 2016 18:57:49 +0100
bitninja (1.11.30) stable; urgency=low
* SenseLog will not analyze logs that were not changed in the last four hours.
* After removing Bitninja, it will stop Bitninja related inotifywait process(es) on rpm based distros.
-- bitninja.IO team <packaging@bitninja.io> Thu, 25 Aug 2016 12:12:15 +0100
bitninja (1.11.29) stable; urgency=low
* Workaround added for CVE-2016-5696
* Initial value added for SenseLogs AbstractLogDetector.
-- bitninja.IO team <packaging@bitninja.io> Tue, 23 Aug 2016 16:07:49 +0100
bitninja (1.11.28) stable; urgency=low
* New mysql log detection added to Senselog.
* Kill MalwareDetection-related inotifywait after removing BitNinja.
* Error detection added to Porthoneypot CheckUptimeBeforeStart method.
* Prevent starting inotifywait more times.
* Fix for ipset V6 restore, when duplicated entries in the lists.
-- bitninja.IO team <packaging@bitninja.io> Mon, 22 Aug 2016 18:22:48 +0100
bitninja (1.11.27) stable; urgency=low
* Minor style fixes on CaptchaHttp page.
* Changed favicon on CaptchaHttp page.
* Prevent caching of favicon.
* Fix module dependencies.
* Initial value added for IpSetUsageDataProvider first_run attribute.
* BitninjaCli checks if private IPs try to add to sets.
* CaptchaSmtp can use different port(s), it can be set in config.ini.
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 Jul 2016 16:45:32 +0100
bitninja (1.11.26) stable; urgency=low
* Greatly reduced the number of unnecessary Api calls
* Fixed PortHoneypot instant greylist without ip checking bug
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Jul 2016 18:18:26 +0100
bitninja (1.11.25) stable; urgency=low
* BitninjaCli now makes local ipset changes immediately.
* Default Captcha page has been redesigned.
* Language switcher added to Captcha page.
* PortHoneypot waits 10 minutes after Server restart before creating honeypots.
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 Jul 2016 18:36:47 +0100
bitninja (1.11.24) stable; urgency=low
* Fixed ipset V4/V6 list exists localization issue.
* Fixed DosDetection/PortHoneypot netstat localization issue.
* Mistake incident level added to Shogun.
* AntiFlood can handle IPs not yet greylisted.
* AntiFlood limits can be configured from /etc/bitninja/AntiFood/config.ini
* CapthcaSmtp verify now produces Mistake level incidents
* getQueue Api call has been improved significantly.
-- bitninja.IO team <packaging@bitninja.io> Mon, 20 Jun 2016 18:06:10 +0100
bitninja (1.11.23) stable; urgency=low
* MalwareDetection module tries to install inotify-tools if it is not installed yet. Does not enable EPEL repository.
-- bitninja.IO team <packaging@bitninja.io> Fri, 10 Jun 2016 12:29:15 +0100
bitninja (1.11.22) stable; urgency=low
* Fixed: Bitninja failing to restart after API ping timeout error
* IpFilter temporary blacklist interval is now configurable
-- bitninja.IO team <packaging@bitninja.io> Fri, 03 Jun 2016 13:50:47 +0100
bitninja (1.11.21) stable; urgency=low
* System Module now restarts parent process if it stops unusually
* CSF postscript.sh location directory can be changed in IpFilter/config.ini if needed
* Fix in missing command handling on rpm distributions
-- bitninja.IO team <packaging@bitninja.io> Tue, 24 May 2016 11:54:53 +0100
bitninja (1.11.20) stable; urgency=low
* Sha1 Removal. See further information about it at https://wiki.debian.org/Teams/Apt/Sha1Removal
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 May 2016 19:02:56 +0100
bitninja (1.11.19) stable; urgency=low
* Nginx senselog rules added
* ipset usage dataProvider fix
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 May 2016 12:55:04 +0100
bitninja (1.11.18) stable; urgency=low
* Negative badbot_count fixed
* Dos detection notice ipv6 fix
* Bitninja restarts after update, error fixed
* Missing License warning looks nicer
* Socket server socket blind failure
-- bitninja.IO team <packaging@bitninja.io> Mon, 02 May 2016 11:04:19 +0100
bitninja (1.11.17) stable; urgency=low
* Fixing PortHoneypot bug on proxy detection
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 Apr 2016 10:39:13 +0100
bitninja (1.11.16) stable; urgency=low
* SenseLog WP enumeration attack detector and Vsftpd filter is now in production mode
-- bitninja.IO team <packaging@bitninja.io> Mon, 25 Apr 2016 20:16:58 +0100
bitninja (1.11.15) stable; urgency=low
* SenseLog Proftpd filter is now in production mode
-- bitninja.IO team <packaging@bitninja.io> Sat, 16 Apr 2016 13:53:05 +0100
bitninja (1.11.14) stable; urgency=low
* SenseLog is now able to detect in proftpd, pureftpd, vsftpd logs
* SenseLog is now able to detect Wordpress enumeration attack
-- bitninja.IO team <packaging@bitninja.io> Wed, 13 Apr 2016 19:22:23 +0100
bitninja (1.11.13) stable; urgency=low
* SenseLog is now able to detect DirectAdmin logs; thanks for the patch to Antanas
-- bitninja.IO team <packaging@bitninja.io> Fri, 01 Apr 2016 13:16:11 +0100
bitninja (1.11.12) stable; urgency=low
* Qualys continuous security added to global whitelist
* New filters for SenseLog module: recommend_site, Magento scanning, e107 attack (test filters)
-- bitninja.IO team <packaging@bitninja.io> Thu, 31 Mar 2016 15:25:39 +0100
bitninja (1.11.11) stable; urgency=low
* Fixing honeypotify
-- bitninja.IO team <packaging@bitninja.io> Sat, 26 Mar 2016 14:39:45 +0100
bitninja (1.11.10) stable; urgency=low
* Fix for Centos5 repo to contain bitninjacli in /usr/sbin
* bitninjacli reloadiptables command will reload ipset if they have been flushed
-- bitninja.IO team <packaging@bitninja.io> Sat, 05 Mar 2016 16:42:21 +0100
bitninja (1.11.9) stable; urgency=low
* MalwareDetection binary dir.s and BitNinja dir. to exclude list
* XSS vulnerability fix on Captcha pages
* NicDataProfider notice fix
-- bitninja.IO team <packaging@bitninja.io> Thu, 03 Mar 2016 13:22:43 +0100
bitninja (1.11.8) stable; urgency=low
* Disabled CatpchaSmtp, CaptchaHttp, SenseLog modules for free users
* IPFilter module doesn't download ipset again within 15 minutes
-- bitninja.IO team <packaging@bitninja.io> Fri, 19 Feb 2016 18:43:09 +0100
bitninja (1.11.7) stable; urgency=low
* Malware detection scan command with more expressive logging
-- bitninja.IO team <packaging@bitninja.io> Wed, 17 Feb 2016 22:22:23 +0100
bitninja (1.11.6) stable; urgency=low
* Captcha page polish translation; thanks for the patch to Patryk W�?grzynek
* Malware detection scan command
* Malware detection increases max_user_watches value automatically
-- bitninja.IO team <packaging@bitninja.io> Wed, 17 Feb 2016 11:06:52 +0100
bitninja (1.11.5) stable; urgency=low
* Warning added when CaptchaSmtp can't determine delisturl
-- bitninja.IO team <packaging@bitninja.io> Tue, 09 Feb 2016 16:30:09 +0100
bitninja (1.11.4) stable; urgency=low
* PortHoneypot will not redirect port above 1024 (solution for ftp issue)
* WAF rulesets now separated from build process
* Config Added to CaptchaSmtp where mail_captcha_ip can be used in the delisting url
-- bitninja.IO team <packaging@bitninja.io> Mon, 08 Feb 2016 17:05:45 +0100
bitninja (1.11.3) stable; urgency=low
* Bugfix: MalwareDetection enabling
-- bitninja.IO team <packaging@bitninja.io> Fri, 05 Feb 2016 12:12:18 +0100
bitninja (1.11.2) stable; urgency=low
* MalwareDetection custom post-quarantine scripts directory with info file
-- bitninja.IO team <packaging@bitninja.io> Thu, 04 Feb 2016 22:18:13 +0100
bitninja (1.11.1) stable; urgency=low
* Some fixes in MalwareDetection when inotifywait does not exist
-- bitninja.IO team <packaging@bitninja.io> Thu, 04 Feb 2016 18:28:20 +0100
bitninja (1.11.0) stable; urgency=low
* New module introduced: MalwareDetection. In beta version.
-- bitninja.IO team <packaging@bitninja.io> Wed, 03 Feb 2016 21:18:44 +0100
bitninja (1.10.11) stable; urgency=low
* Target for whitelist or Bitninja redirections can be set in IpFilter config. Default is RETURNA
-- bitninja.IO team <packaging@bitninja.io> Thu, 28 Jan 2016 16:09:26 +0100
bitninja (1.10.10) stable; urgency=low
* Fix CSF firewall installation detection
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 Jan 2016 13:20:14 +0100
bitninja (1.10.9) stable; urgency=low
* Fix CSF firewall installation detection
-- bitninja.IO team <packaging@bitninja.io> Tue, 26 Jan 2016 15:11:58 +0100
bitninja (1.10.8) stable; urgency=low
* Create CSF integration for Bitninja
* Reload iptables and starting PortHoneypot command option is in BitninjaCli
* Additional bugfixes
-- bitninja.IO team <packaging@bitninja.io> Tue, 26 Jan 2016 12:15:54 +0100
bitninja (1.10.7) stable; urgency=low
* Temporarily disabled PortHoneypot
* Created config file, which allows users to disable modules
-- bitninja.IO team <packaging@bitninja.io> Sat, 16 Jan 2016 12:52:16 +0100
bitninja (1.10.6) stable; urgency=low
* Slight changes on the honeypot ports. Removed 113, 443 from the list of constant honeypot ports.
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 Jan 2016 00:07:11 +0100
bitninja (1.10.5) stable; urgency=low
* Most vulnerable ports added to default PortHoneypot config
-- bitninja.IO team <packaging@bitninja.io> Wed, 13 Jan 2016 20:45:02 +0100
bitninja (1.10.4) stable; urgency=low
* Simplyfied IPv4 rules used in iptables
* AddRediretion command now used for port forwarding
-- bitninja.IO team <packaging@bitninja.io> Wed, 13 Jan 2016 12:55:29 +0100
bitninja (1.10.3) stable; urgency=low
* Some bug fix for iptables rules in ipsetv4 in AddRedirection command
* RestoreRedirection method added to IpFilter module
* CatpchaSmtp, CaptchaHttp, SenseLog modules enabled for free users for two weeks
-- bitninja.IO team <packaging@bitninja.io> Mon, 11 Jan 2016 20:43:47 +0100
bitninja (1.10.2) stable; urgency=low
* Smaller fixes for PortHoneypot
-- bitninja.IO team <packaging@bitninja.io> Fri, 08 Jan 2016 16:54:14 +0100
bitninja (1.10.1) stable; urgency=low
* Fixed misconfiguration
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Jan 2016 19:14:06 +0100
bitninja (1.10.0) stable; urgency=low
* PortHoneypot module was added
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 Jan 2016 17:26:01 +0100
bitninja (1.9.10) stable; urgency=low
* iptables rules in IpFilter have been simplified
* The treshold of ApacheWpLoginFilter is decreased to 50 requests in 10 minutes - thank you for the idea for Brad Bell
* ApacheWpLoginFilter can detect attacks if the query string contains an URI
* ApacheWpLoginFilter can detect attacks if wp-login.php is in a subdirectory
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 Jan 2016 13:24:51 +0100
bitninja (1.9.9) stable; urgency=low
* Fixed bug which caused that CaptchaSmtp was unable to determine IPs.
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Dec 2015 20:31:55 +0100
bitninja (1.9.8) stable; urgency=low
* Incidents from *.hotmail.com will be filtered by the Shogun module
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Dec 2015 16:15:47 +0100
bitninja (1.9.7) stable; urgency=low
* CaptchaSmtp bugfix for closed connections
* CaptchaSmtp hash expiration time increased to 40 hours
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Dec 2015 11:32:44 +0100
bitninja (1.9.6) stable; urgency=low
* Fixing Bitninja permissions for CentOS
-- bitninja.IO team <packaging@bitninja.io> Fri, 18 Dec 2015 15:33:02 +0100
bitninja (1.9.5) stable; urgency=low
* Fix for WAF IpTables rule and WAF can detect Remote Command Execution Vulnerability in Joomla.
* Permission fix for Bitninja directories.
-- bitninja.IO team <packaging@bitninja.io> Thu, 17 Dec 2015 13:07:09 +0100
bitninja (1.9.4) stable; urgency=low
* Fix for CaptchaSmpt to allow greylisted IPs to access the CAPTCHA page on its port.
-- bitninja.IO team <packaging@bitninja.io> Tue, 15 Dec 2015 18:24:59 +0100
bitninja (1.9.3) stable; urgency=low
* Fixed StartSSL bug and high memory usage in CaptchaSmtp
* SenseWebHoneypot is now able to recieve data in multiple TCP segments
* POST data is turncated in SenseWebHoneypot so it can be sent through IPC message queues
-- bitninja.IO team <packaging@bitninja.io> Mon, 07 Dec 2015 21:57:07 +0100
bitninja (1.9.2) stable; urgency=low
* Temporarily disabling CaptchaSMTP module
-- bitninja.IO team <packaging@bitninja.io> Fri, 27 Nov 2015 14:19:24 +0100
bitninja (1.9.1) stable; urgency=low
* Fixed bug that may cause reading the original swappiness wrongly
-- bitninja.IO team <packaging@bitninja.io> Thu, 26 Nov 2015 13:16:30 +0100
bitninja (1.9.0) stable; urgency=low
* Enabled CaptchaSmtp module
* Fixed bug that caused DataProvider to report incorrect statistics about greylist
* Removing IPs from the greylist will also remove them from blacklist
* It is now possible to reject requests on UDP port 53
* Fixed bug in the self-update script that made BitNinja to restart two times on Debian-based hosts
* bitninjacli displays help message when no known parameters are used
* bitninjacli options related to WAF are now beeing displayed
* Swappiness is now being set to 0 while loading the IP lists
-- bitninja.IO team <packaging@bitninja.io> Wed, 25 Nov 2015 21:05:36 +0100
bitninja (1.8.9) stable; urgency=low
* Fixed bug in the IpFilter module.
-- bitninja.IO team <packaging@bitninja.io> Fri, 13 Nov 2015 16:03:20 +0100
bitninja (1.8.8) stable; urgency=low
* Fixed bug in the CaptchaSmtp pre-release module.
-- bitninja.IO team <packaging@bitninja.io> Wed, 11 Nov 2015 17:04:19 +0100
bitninja (1.8.7) stable; urgency=low
* Fixed bug that prevented the creation of more than one shared memory blocks on hosts with 32 bit architecture.
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Nov 2015 12:25:37 +0100
bitninja (1.8.6) stable; urgency=low
* WAF will find IPs of the host and start a server for each of them
* Refined wp-login SenseLog filter so that it will only recognise requests, as attack attempt is the query string itself contains the pattern
* Refined abdullkarem SenseLog filter
-- bitninja.IO team <packaging@bitninja.io> Fri, 06 Nov 2015 19:27:53 +0100
bitninja (1.8.5) stable; urgency=low
* WAF can be turned on or off via bitninjacli
-- bitninja.IO team <packaging@bitninja.io> Mon, 02 Nov 2015 21:39:09 +0100
bitninja (1.8.4) stable; urgency=low
* Changed WAF patterns to avoid false-positives
* Updated dependencies
-- bitninja.IO team <packaging@bitninja.io> Mon, 02 Nov 2015 14:13:34 +0100
bitninja (1.8.3) stable; urgency=low
* WAF can be enabled/disabled from the admin panel
* IpFilter will reinsert WAF rules on error
* Fixed bug that caused periodical running methods to run more frequently than needed
* Increased maximal count of WAF processes to 1000
-- bitninja.IO team <packaging@bitninja.io> Thu, 29 Oct 2015 17:50:49 +0100
bitninja (1.8.2) stable; urgency=low
* Request string, message headers and body are dumped to the log when WAF sends an incident
* New enable/disable script with less dependencies
* IPs from WAF incidents are greylisted locally
* User configuration file for WAF
-- bitninja.IO team <packaging@bitninja.io> Fri, 23 Oct 2015 12:06:31 +0100
bitninja (1.8.1) stable; urgency=low
* WAF settings are moved to configuration files from the code
* Updated package dependencies
-- bitninja.IO team <packaging@bitninja.io> Wed, 21 Oct 2015 14:30:23 +0100
bitninja (1.8.0) stable; urgency=low
* Added WAF module
-- bitninja.IO team <packaging@bitninja.io> Tue, 20 Oct 2015 21:44:44 +0100
bitninja (1.7.16) stable; urgency=low
* IpFilter will only try to recreate BitNinja ruleset once in an hour.
-- bitninja.IO team <packaging@bitninja.io> Fri, 16 Oct 2015 18:32:06 +0100
bitninja (1.7.15) stable; urgency=low
* IpFilter module will now recreate BitNinja's iptables ruleset if it is not intact �?? thanks for the report for Alex Amiras
* Fixed bug in the logging of the messages sent by the running environment
-- bitninja.IO team <packaging@bitninja.io> Fri, 16 Oct 2015 16:23:08 +0100
bitninja (1.7.14) stable; urgency=low
* Several SenseLog filters were modified to be more adaptable to different log formats
* Fixed bug in inclusion of user configuration files
* Added user configuration file for DosDetection module �?? thanks for the request for Emre Ciftci
* Removed googleusercontent.com from whitelisted domains �?? thanks for the help of Brad Bell
* Added SenseLog filter for HTTP request that contains the abdullkarem string
* Fixed bug that caused CaptchaHttp module to send IPC messages to a non-running module
* Added French CAPTCHA page - thanks for the translation for Miguel, at the Philippines
-- bitninja.IO team <packaging@bitninja.io> Wed, 14 Oct 2015 20:57:07 +0100
bitninja (1.7.13) stable; urgency=low
* Added signal handlers for SIGHUP and SIGQUIT signals - thanks for the report to Miktos Tsatsakis
* Fixed bug that prevented startup on Red Hat based distributions if no network was available - thanks for the report to Andrew Shaw
* Fixed bug that caused the logging of suppressed warnings
* Reduced AntiFlood temporary blacklisting from 24 hours to 1 hour
-- bitninja.IO team <packaging@bitninja.io> Thu, 24 Sep 2015 14:04:25 +0100
bitninja (1.7.12) stable; urgency=low
* Added script to Cli module to ease manual greylisting using apache logs
* Fixed bug that caused SenseLog module to watch rotated virtualmin logs - thanks for the report and the patch to Brad Bell at vaxxine.com
-- bitninja.IO team <packaging@bitninja.io> Mon, 07 Sep 2015 20:24:00 +0100
bitninja (1.7.11) stable; urgency=low
* Fixed logging bug that occurred when BitNinja failed to connect the API server
* Added CPanel/WHM login detection to SenseLog module
-- bitninja.IO team <packaging@bitninja.io> Wed, 26 Aug 2015 18:21:25 +0100
bitninja (1.7.10) stable; urgency=low
* Maximum numbers of retries increased when trying to connect to the BitNinja API
* CLI module logs to file
* SenseLog module finds Apache logs placed by Virtualmin
-- bitninja.IO team <packaging@bitninja.io> Tue, 25 Aug 2015 11:23:24 +0100
bitninja (1.7.9) stable; urgency=low
* PageCaptchaVerify refactors $ips to $soure_ip and fixed a bug, that was initialized as null.
* SenseWebHoneypot/lib/WebHoneypotServer.php logging level decreased from info to trace down non-harmful requests.
* TalkBack decreased the amount of logs.
-- bitninja.IO team <packaging@bitninja.io> Tue, 18 Aug 2015 21:47:32 +0100
bitninja (1.7.8) stable; urgency=low
* Bugfix about OpenVZ DoS detection. Thanks for the bug report to Eric Fisher
* Bugfix about netconsole service blocking bitninja to start when booting. Thanks for the bug report to Paul De Crette
-- bitninja.IO team <packaging@bitninja.io> Tue, 18 Aug 2015 00:37:43 +0100
bitninja (1.7.7) stable; urgency=low
* IpFilter module now starts with a lower priority (-10) to prevent startup hung
* and then increase the process priority to -10
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Aug 2015 21:03:46 +0100
bitninja (1.7.6) stable; urgency=low
* Minor bugfixes about some notice
* Api timeout increased from 10 sec to 20 sec
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Aug 2015 18:42:06 +0100
bitninja (1.7.5) stable; urgency=low
* Fixed a bug about WebHoneypot (and probably CaptchaHttp) was unable to greylist locally
-- bitninja.IO team <packaging@bitninja.io> Thu, 13 Aug 2015 00:39:03 +0100
bitninja (1.7.4) stable; urgency=low
* Fixed some minor bugs around IpFilter module.
* Getting ready for public release.
-- bitninja.IO team <packaging@bitninja.io> Wed, 12 Aug 2015 00:26:11 +0100
bitninja (1.7.3) stable; urgency=low
* Fixed bug that caused improper deactivation of some rules when using simulated ipset
* Improved log analysis patterns, the SenseLog module can scan customized Apache logs better
* Fixed bug in SocketServer (used by ProxyFilter and SenseWebHoneypot modules) which caused early termination of some connections
* ProxyFilter is disabled by default
* Improved OS detection algorithm
* Added error checking to the startup algorithm, which makes BitNinja more tolerant to API server errors
* Include date and time to the logfiles
-- bitninja.IO team <packaging@bitninja.io> Fri, 07 Aug 2015 15:17:15 +0100
bitninja (1.7.2) stable; urgency=low
* Updated rpm package dependencies
* IpFilter module removes proxyList rules when stopped
* Ip set download bug fixed
-- bitninja.IO team <packaging@bitninja.io> Fri, 31 Jul 2015 13:51:56 +0100
bitninja (1.7.1) stable; urgency=low
* Updated dependencies in the framework.
-- bitninja.IO team <packaging@bitninja.io> Wed, 29 Jul 2015 14:44:45 +0100
bitninja (1.7.0) stable; urgency=low
* ProxyFilter module
* Simulated ipset for users with incompatible kernel
* IpFilter module refactored
-- bitninja.IO team <packaging@bitninja.io> Wed, 29 Jul 2015 12:09:48 +0100
bitninja (1.6.3) stable; urgency=low
* Removed not needed warning messages from observers.
-- bitninja.IO team <packaging@bitninja.io> Thu, 23 Jul 2015 17:52:32 +0100
bitninja (1.6.2) stable; urgency=low
* Fixed bug in CaptchaHttp module, which was caused by trying to select closed sockets.
* DataProvider module can now read NIC data with older versions of the ip command.
* Fixed bug in CaptchaHttp that occured during the verification when no parameters were sent.
-- bitninja.IO team <packaging@bitninja.io> Mon, 20 Jul 2015 15:08:45 +0100
bitninja (1.6.1) stable; urgency=low
* CaptchaHttp indexing bug fix.
-- bitninja.IO team <packaging@bitninja.io> Mon, 13 Jul 2015 19:10:58 +0100
bitninja (1.6.0) stable; urgency=low
* SenseWebHoneypot greylists IPs locally via Shogun.
* SenseWebHoneypot module enabled by default.
-- bitninja.IO team <packaging@bitninja.io> Mon, 13 Jul 2015 15:25:53 +0100
bitninja (1.5.8) stable; urgency=low
* CaptchaHttp module timeout bug fixed
-- bitninja.IO team <packaging@bitninja.io> Thu, 09 Jul 2015 18:52:09 +0100
bitninja (1.5.7) stable; urgency=low
* wp login treshold increased to 50
* fixed user whitelisting on Shogun module
-- bitninja.IO team <packaging@bitninja.io> Tue, 30 Jun 2015 16:02:46 +0100
bitninja (1.5.6) stable; urgency=low
* xmlrpc log analyzer: attack limit inceased to 100 request / 10 minutes.
-- bitninja.IO team <packaging@bitninja.io> Mon, 22 Jun 2015 00:14:36 +0100
bitninja (1.5.5) stable; urgency=low
* Left out from prevoius build:
* ApacheNoscript log checking removed
* ApacheWpXmlrpc log check added
* ApacheGooglemap2 log check added
* ApacheParentDenied log check added
* EximCTimeout log check added
-- bitninja.IO team <packaging@bitninja.io> Tue, 09 Jun 2015 18:26:53 +0100
bitninja (1.5.4) stable; urgency=low
* ApacheNoscript log checking removed
* ApacheWpXmlrpc log check added
* ApacheGooglemap2 log check added
* ApacheParentDenied log check added
* EximCTimeout log check added
-- bitninja.IO team <packaging@bitninja.io> Mon, 01 Jun 2015 22:56:00 +0100
bitninja (1.5.3) stable; urgency=low
* Further fixes for IPv6 DosDetection bug.
-- bitninja.IO team <packaging@bitninja.io> Sun, 31 May 2015 19:18:59 +0100
bitninja (1.5.2) stable; urgency=low
* Hotfix for IPv6 DosDetection bug.
-- bitninja.IO team <packaging@bitninja.io> Sun, 31 May 2015 11:47:22 +0100
bitninja (1.5.1) stable; urgency=low
* DosDetection has been refactored. Now supports exceptions for local and remote ports
* for remote port 25 the new treshold is 200 connections.
* For local 22 port the new treshold is 40 connections.
-- bitninja.IO team <packaging@bitninja.io> Fri, 29 May 2015 22:05:07 +0100
bitninja (1.4.18) stable; urgency=low
* New log analyzer rules (Apache parnet dir denial, Wordpress XmlRpc, Exim logs for connection timeout checks)
* AntiFlood small logging bug fixes
* Cli now supports greylist checking
-- bitninja.IO team <packaging@bitninja.io> Wed, 27 May 2015 17:29:38 +0100
bitninja (1.4.17) stable; urgency=low
* Small fix in linux distributin detection.
-- bitninja.IO team <packaging@bitninja.io> Wed, 20 May 2015 22:39:26 +0100
bitninja (1.4.16) stable; urgency=low
* Changed iptables requirement from 1.4.7 to 1.4.4
-- bitninja.IO team <packaging@bitninja.io> Wed, 20 May 2015 18:10:24 +0100
bitninja (1.4.15) stable; urgency=low
* Filtering incident flood.
* 1e100.net domain whitelisted
* Fix in the Captcha module so the user will be auto-redirected to the address where he/she came from.
-- bitninja.IO team <packaging@bitninja.io> Tue, 19 May 2015 23:26:51 +0100
bitninja (1.4.14) stable; urgency=low
* Further hotfix for SenseLog stability and memory leak.
-- bitninja.IO team <packaging@bitninja.io> Sat, 16 May 2015 21:59:18 +0100
bitninja (1.4.13) stable; urgency=low
* Further fixes in log detection to avoid module crashes.
-- bitninja.IO team <packaging@bitninja.io> Sat, 16 May 2015 14:09:02 +0100
bitninja (1.4.12) stable; urgency=low
* Small fix in log detection logging not to flood logs and andmin panel
-- bitninja.IO team <packaging@bitninja.io> Sat, 16 May 2015 02:38:10 +0100
bitninja (1.4.11) stable; urgency=low
* Check for IpTables rules every 5 minutes and fix them if needed.
* Small fix in log detection logging not to flood logs and andmin panel
* Now bitninja client utilizes http cookie-based session in communication with the central server.
* Small fix not to restart thread so often b/c of api server error.
-- bitninja.IO team <packaging@bitninja.io> Fri, 15 May 2015 18:01:03 +0100
bitninja (1.4.10) stable; urgency=low
* - Fix for open file descriptor limit.
-- bitninja.IO team <packaging@bitninja.io> Thu, 14 May 2015 17:18:40 +0100
bitninja (1.4.9) stable; urgency=low
* SenseWebHoneypot introduced but switched off at config.php
* Fixed a bug about greylist disabling
* Captcha challange page extended with honeypot juice and e-mail honey
* Log detection now supports cPanel and Plesk apache access and error logs.
-- bitninja.IO team <packaging@bitninja.io> Mon, 11 May 2015 22:01:09 +0100
bitninja (1.5.0) stable; urgency=low
* New sense module has been introduced. Welcome the SenseWebHoneypot module!
* This module makes it possible to plant honeypot mines into php websites and to send incidnet about abuser IP-s.
* Currently this module is in beta test phase.
-- bitninja.IO team <packaging@bitninja.io> Thu, 07 May 2015 19:44:54 +0100
bitninja (1.4.8) stable; urgency=low
* Same as before, just to trigger auto-update on servers.
-- bitninja.IO team <packaging@bitninja.io> Wed, 06 May 2015 15:52:12 +0100
bitninja (1.4.7) stable; urgency=low
* Bugfix release
* found and fixed bug in the CaptchaHttp google ip auto-whitelist functionality.
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 May 2015 16:37:50 +0100
bitninja (1.4.6) stable; urgency=low
* Bugfix release
* found and fixed bug in the framework in os detection code.
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 May 2015 11:29:50 +0100
bitninja (1.4.5) stable; urgency=low
* Bugfix release
* found a bug in the framework that can lead to misbehavoiur in many parts. Bug fixed.
-- bitninja.IO team <packaging@bitninja.io> Tue, 05 May 2015 01:57:19 +0100
bitninja (1.4.4) stable; urgency=low
* Bugfix release
* www.google.com availability check introduced into the CAPTCHA module
* 1e100.net removed from domain whitelist
* major bug found and fixed in the AntiFlood module
-- bitninja.IO team <packaging@bitninja.io> Mon, 04 May 2015 14:25:45 +0100
bitninja (1.4.3) stable; urgency=low
* Bugfix release
* removed baidu.com from general domain whitelist b/c of user complaints
* added protection.outlook.com to domain whitelist
* 1e100.net added temporarly to the domain whitelist, but it is not
permanent, will be removed soon. It is necessary to make sure users do not greylist www.google.com, as it is needed for the reCAPTCHA to work.
* Workaround in progress.
-- bitninja.IO team <packaging@bitninja.io> Thu, 30 Apr 2015 15:04:14 +0100
bitninja (1.4.2) stable; urgency=low
* Bugfix release because google banned some IPs for CAPTCHA checking. Hotfix for this issue.
-- bitninja.IO team <packaging@bitninja.io> Thu, 30 Apr 2015 00:28:28 +0100
bitninja (1.4.1) stable; urgency=low
* If the outgoing IP of a server is greylisted, it will auto-whitelist itself on the API server.
* Captcha templates fixed the relative paths
* Stopped complaints about whitelisted DOS attempts
-- bitninja.IO team <packaging@bitninja.io> Tue, 14 Apr 2015 14:30:04 +0100
bitninja (1.4.0) stable; urgency=low
* If the outgoing IP of a server is greylisted, it will auto-whitelist itself on the API server.
* We don't start bitninja on debian after installation.
* Captcha templates fixed the relative paths
* Stopped complaints about whitelisted DOS attempts
-- bitninja.IO team <packaging@bitninja.io> Mon, 13 Apr 2015 11:54:19 +0100
bitninja (1.3.7) stable; urgency=low
* DosDetection TIME_WAIT feature removed.
* Small bugfix for Cpatcha page.
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Mar 2015 22:39:54 +0100
bitninja (1.3.6) stable; urgency=low
* Improved deb/rpm detection.
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Mar 2015 17:47:53 +0100
bitninja (1.3.5) stable; urgency=low
* DOS detection extended to tcp connections in TIME_WAIT state.
* Bugfix for bitninjacli
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Mar 2015 15:34:15 +0100
bitninja (1.3.4) stable; urgency=low
* Bugfix for bitninjacli
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Mar 2015 12:30:53 +0100
bitninja (1.3.3) stable; urgency=low
* Orphaned modules processes auto kill upon startup.
-- bitninja.IO team <packaging@bitninja.io> Sun, 29 Mar 2015 22:54:59 +0100
bitninja (1.3.2) stable; urgency=low
* Checking of auto-update
-- bitninja.IO team <packaging@bitninja.io> Sat, 28 Mar 2015 13:35:37 +0100
bitninja (1.3.1) stable; urgency=low
* BitNinja team pleased to announce the bitninjacli.
* A command line interface for bitninja dashboard.
* Usage: bitninjacli --help
* Available functions are: whitelist|blacklist add|del|check
*
* On rpm based systems do a yum cache clean before auto update
* Updated the contrib files by latest composer versions
* Removing a greylisted IP now automatically removes it from essential list too.
*
* Free version is introduced with it's restrictions.
* SenseLog extended with a Joomla attack vector detection filter.
*
* Fix around timezone settings and php.ini parsing.
*
-- bitninja.IO team <packaging@bitninja.io> Sun, 22 Mar 2015 17:22:46 +0100
bitninja (1.3.0) stable; urgency=low
* BitNinja team pleased to announce the bitninjacli.
* A command line interface for bitninja dashboard.
* Usage: bitninjacli --help
* Available functions are: whitelist|blacklist add|del|check
*
* On rpm based systems do a yum cache clean before auto-update
* Updated the contrib files by latest composer versions
* Removing a greylisted IP now automatically removes it from essential list too.
*
* Free version is introduced with it's restrictions.
*
-- bitninja.IO team <packaging@bitninja.io> Mon, 16 Mar 2015 23:21:39 +0100
bitninja (1.2.2) stable; urgency=low
* Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
* Reduced the log sending frequency to 2 sec.
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Feb 2015 15:12:56 +0100
bitninja (1.2.1) stable; urgency=low
* Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
* Reduced the log sending frequency to 2 sec.
-- bitninja.IO team <packaging@bitninja.io> Tue, 03 Feb 2015 15:12:27 +0100
bitninja (1.2.0) stable; urgency=low
* Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
* Reduced the log sending frequency to 2 sec.
-- bitninja.IO team <packaging@bitninja.io> Tue, 20 Jan 2015 17:22:09 +0100
bitninja (1.1.3) stable; urgency=low
* unnecessary dependencies were removed
-- bitninja.IO team <packaging@bitninja.io> Fri, 16 Jan 2015 15:30:00 +0100
bitninja (1.1.2) stable; urgency=low
* Minor bugfix about an etc file nedded for specific debian version auto update to complate.
* Reduced the log sending frequency to 2 sec.
-- bitninja.IO team <packaging@bitninja.io> Mon, 12 Jan 2015 22:21:55 +0100
bitninja (1.1.1) stable; urgency=low
* Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
*
-- bitninja.IO team <packaging@bitninja.io> Sat, 10 Jan 2015 19:34:00 +0100
bitninja (1.1.0) stable; urgency=low
* Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
*
-- bitninja.IO team <packaging@bitninja.io> Sat, 10 Jan 2015 16:28:37 +0100
bitninja (1.0.2) stable; urgency=low
* Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
*
-- bitninja.IO team <packaging@bitninja.io> Sat, 10 Jan 2015 16:27:37 +0100
bitninja (1.0.1) stable; urgency=low
* Small fix about fuser syntax on Centos, differs from debian.
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Dec 2014 16:53:27 +0100
bitninja (1.0.0) stable; urgency=low
* SenseLog module (log analysis) is finished and active
* Auto restart and self-update fixes. (low urgancy)
-- bitninja.IO team <packaging@bitninja.io> Mon, 30 Dec 2014 16:53:27 +0100
bitninja (0.31) stable; urgency=low
* UDP rejection upon greylisted IPs, except port 53
* Cached host resolving on whiteists
* New filter for dos detection for bitninja dns requests.
* Bugfix to prevent process kills on CloudLinux
* You can disabe ipset lists using /etc/bitninja/IpFilter/config.ini
* Bugfixes about Debian6 ipset handling and statistical data sending
* You can put your customized Captcha pages at /etc/bitninja/CaptcahHttp/www
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Oct 2014 16:53:27 +0100
bitninja (0.30) stable; urgency=low
* Fix for ipset path
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Oct 2014 16:53:27 +0100
bitninja (0.29) stable; urgency=low
* Some dependency bugs and small bugfixes
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Oct 2014 16:53:27 +0100
bitninja (0.28) stable; urgency=low
* Many bugfixes done since last release.
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Oct 2014 16:53:27 +0100
bitninja (0.27) stable; urgency=low
* Changed package name from heimdall to bitninja
* New module: TalkBack is introduced to talk back to attacking servers
* New module: AntFlood blacklist every IP with more than 20 incidents.
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Oct 2014 16:53:27 +0100
bitninja (0.26) stable; urgency=low
* Minor bugfixes on error handling
-- bitninja.IO team <packaging@bitninja.io> Mon, 21 Sep 2014 16:53:27 +0100
bitninja (0.25) stable; urgency=low
* Further major fixes about crash reporting. Crash reports now sent with http api.
* CloudLinuxServer server type.
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Sep 2014 16:53:27 +0100
bitninja (0.24) stable; urgency=low
* Major fixes about crash reporting
-- bitninja.IO team <packaging@bitninja.io> Mon, 09 Sep 2014 16:53:27 +0100
bitninja (0.23) stable; urgency=low
* Rules apply for the filter table too
* HoneypotHttp module first version implemented.
* supports web based challenge and delisting for greylisted IPs
* Logging changed to log files in /var/log/bitninja instead of syslog
* ipables rules are moved from filter to mangle and nat
* Improvements about many things
-- bitninja.IO team <packaging@bitninja.io> Mon, 02 Sep 2014 16:02:27 +0100
bitninja (0.22) stable; urgency=low
* Fixes about the rpm version. Deb version is intact
-- bitninja.IO team <packaging@bitninja.io> Mon, 25 Aug 2014 16:02:27 +0100
bitninja (0.21) stable; urgency=high
* Small fixes for logging
* User defined white and blacklists implemented.
* Fixed to use https for api calls instead of pure http
-- bitninja.IO team <packaging@bitninja.io> Sun, 15 Jul 2014 12:02:27 +0200
bitninja (0.20) stable; urgency=high
* Migration running refactored
-- bitninja.IO team <packaging@bitninja.io> Sun, 15 Jul 2014 12:02:27 +0200
bitninja (0.19) stable; urgency=high
* Some major bug fixes mostly around rpm auto update process
* Some additional bug fixes for new format of bitninja ipsets.
-- bitninja.IO team <packaging@bitninja.io> Sun, 15 Jul 2014 12:02:27 +0200
bitninja (0.15) stable; urgency=low
* Some major bug fixes
-- bitninja.IO team <packaging@bitninja.io> Sun, 15 Jul 2014 12:02:27 +0200
bitninja (0.14) stable; urgency=low
* Some major fixes
* Support for older Debian versions (like Debian6)
* More verbose logging
* New format of ip sets. Now using bitninja-greylist. Migration made for updates.
* Syslog log router introduced. BitNinja currently logs every info and higher priority log message
* Upon starting we check for zombie bitninja processes and kill them (fix for an older bug)
-- bitninja.IO team <packaging@bitninja.io> Sun, 11 Jul 2014 12:02:27 +0200
bitninja (0.13) stable; urgency=low
* Some minor fixes
* Nicer logs for IP added and removed from lists
* Prevention of starting multiple instances of bitninja client on the same machine.
* Os detection support for older debian releases
-- bitninja.IO team <packaging@bitninja.io> Sun, 29 Jun 2014 12:02:27 +0200
bitninja (0.12) stable; urgency=low
* patches to work with rpm based systems
-- bitninja.IO team <packaging@bitninja.io> Sun, 29 Jun 2014 12:02:27 +0200
bitninja (0.11) stable; urgency=low
* php rebuild with newly required modules
* NIC discovery
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.10) stable; urgency=high
* Hotfix of config
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.9) stable; urgency=high
* Beta 1
* Self-update process fixed.
* Config files reorganized again. Please remove and reinstall bitninja!
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.8) stable; urgency=low
* RC 3
* minor bugfix for config and auto-update
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.7) stable; urgency=low
* RC 2
* implementing buffered logging
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.6) unstable; urgency=low
* /opt/bitninja/php/bin bug fixed.
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.5) unstable; urgency=low
* RC testing package
* fixed auto-update
* bitninja-config works and installed to /usr/local/sbin
* config file license_key read by WorkerHttp
* ready for tests
-- bitninja.IO team <packaging@bitninja.io> Sun, 10 Jun 2014 12:02:27 +0200
bitninja (0.4) stable; urgency=low
* Fires release candidate testing package
* Built against i386 and amd64 architectures
* Ipset badbot set handling and iptables ruleset handling works great.
* badbot list initialization and continuous update works.
-- bitninja.IO team <packaging@bitninja.io> Sun, 09 Jun 2014 21:02:27 +0200
bitninja (0.3) unstable; urgency=low
* Created standard init script for installation.
* bitninja shield works.
* Initial ipset list downloads automatically. System information sent to bitninjacentral every 2 seconds.
* Iptables rules set automatically.
-- bitninja.IO team <packaging@bitninja.io> Sun, 06 Jun 2014 18:02:27 +0200
bitninja (0.2) unstable; urgency=low
* First iteration
-- bitninja.IO team <packaging@bitninja.io> Sun, 02 Jun 2014 19:30:27 +0200
bitninja (0.1) unstable; urgency=low
* Initial Release.
-- bitninja.IO team <packaging@bitninja.io> Sun, 18 May 2014 21:20:27 +0200