Bitninja Linux Agent changelog

bitninja (1.24.3) stable; urgency=low

  * SslTerminating module will check how many HAProxy processes have been started by it. In case more than one is running, it will stop them.
  * SslTerminating module will not be reloaded, if an invalid certificate has been found.
  * WAF redirection checks will examine the return code of curl, not just the output.
  * The enabled/disabled CLI commands for the old WAF will call the WAFManager module from now on.
  * WAFManager can be configured to create redirections for IPs based on interfaces.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 17 Oct 2018  18:25:40 +0100

bitninja (1.24.2) stable; urgency=low

  * Reduced some of the SslTerminating module's logs to debug.
  * SslTerminating module checks content of certlist files before inserting an entry in the certlist file too.

 -- bitninja.IO team <packaging@bitninja.io>  Fri, 12 Oct 2018  14:41:20 +0100

bitninja (1.24.1) stable; urgency=low

  * IpFilter module rechecks supported ipset implementation every 5 minutes, when only nullIpset has been found.
  * SslTerminating module removes expired certificates from the cert list file.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 10 Oct 2018  15:58:39 +0100

bitninja (1.24.0) stable; urgency=low

  * Experimental ConfigParser beta module has been added. It will be used by SslTermitaing, and future modules to understand their environment better.
  * HAProxy can be configured to be in front of WAF 2.0. It will help with connection keep alive releated issues.
  * OpenLiteSpeed Realtime reports have been added to MalwareDetection exclude list.
  * Spanish translation for Captcha page.
  * MalwareDetection FileType filter has been added. It will prevent socket and fifo file checks.

 -- bitninja.IO team <packaging@bitninja.io>  Mon, 08 Oct 2018  13:26:34 +0100

bitninja (1.23.4) stable; urgency=low

  * Cagefs directory added to MalwareDetection's exclude list.
  * MalwareDetection now restarts the inotifywait process if there are any changes in the exclude or monitor configuration.
  * A little correction added to the Spanish CAPTCHA page.

 -- bitninja.IO team <packaging@bitninja.io>  Thu, 13 Sep 2018  12:16:50 +0100

bitninja (1.23.3) stable; urgency=low

  * We added two new SenseLog rules. The first one detects arbitrary file uploader bots, and the second one is for Joomla Spam regers.
  * SenseLog is prepared for future remote config update.
  * Instant blacklist action added to WAFManager. It can be enabled for rules in the config.ini.
  * Virtual WAF honeypotify command added to CLI. It could be useful for blocking web shell access.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 05 Sep 2018  13:13:55 +0100

bitninja (1.23.2) stable; urgency=low

  * Fixed WAF iptables port redirection rules when Simulated ipset is in use. The rules were not inserted in the correct chain before.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 28 Aug 2018  17:32:28 +0100

bitninja (1.23.1) stable; urgency=low

  * MalwareScanner scan command supports glob file path patterns. Eg: --scan=/home/*/public_html

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 21 Aug 2018  17:54:30 +0100

bitninja (1.23.0) stable; urgency=low

  * New MalwareScanner module added. This way the malware protection and the malware finding will use different processes.
  * MalwareDetection and MalwareScanner modules support reload from CLI. For now it's the same as module restart.
  * New --add-file-to-signature-set CLI option added. With it you can add a file to your local md5 malware signature set.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 14 Aug 2018  13:46:46 +0100

bitninja (1.22.7) stable; urgency=low

  * WAFManager will update downloaded configrations on start up, if they're older than one day.
  * SenseLog's false positive rule config has been updated.

 -- bitninja.IO team <packaging@bitninja.io>  Fri, 03 Aug 2018  12:54:23 +0100

bitninja (1.22.6) stable; urgency=low

  * Module remote enable/disable bug has been fixed.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 01 Aug 2018  15:30:12 +0100

bitninja (1.22.5) stable; urgency=low

  * MalwareDetection checks when restoring from quarantaine whether the destination is a symlink. The module will not restore the file if this is the case.
  * Special thanks to RACK911LABS.COM for notifying us about the above-mentioned issue.
  * IpFilter's double iptables restore bug has been fixed.

 -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Jul 2018  14:35:31 +0100

bitninja (1.22.4) stable; urgency=low

  * BitNinja agent runs lfd integration and adds bitninja-waf and bitninja-ssl-termintaion to lfd's pignore. This will prevent false alarms about BitNinja.
  * The agent has been prepared to handle new license types.
  * The module enable and disable methods had been unified. SenseLog can be enabled and disabled from the Dashboard.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 24 Jul 2018  15:01:19 +0100

bitninja (1.22.3) stable; urgency=low

  * SenseLog will ignore cPanel .bkup logs for ApacheAccessLog detector.

 -- bitninja.IO team <packaging@bitninja.io>  Mon, 16 Jul 2018  14:12:01 +0100

bitninja (1.22.2) stable; urgency=low

  * SslTerminating module has health check, which runs every minute.
  * SslTerminating module validates the content of the certificate list file and removes invalid entries.
  * WAFManager can start the WAF on those servers that haven't got a default site enabled.
  * Files created by BitNinja are now only accessible by root.

 -- bitninja.IO team <packaging@bitninja.io>  Fri, 13 Jul 2018  16:45:50 +0100

bitninja (1.22.1) stable; urgency=low

  * Little correction in SenseLog default log file detector configuration. Some falsely detected files will be ignored.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 10 Jul 2018  12:45:05 +0100

bitninja (1.22.0) stable; urgency=low

  * SenseLog module has been completely refactored. It's speed has improved 109 times.
  * SenseLog can use the Aho-Corasick algorithm to match plain text.
  * SenseLog can check files in different frequencies based on how often their content changes.
  * SenseLog module can be enabled or disabled from Cli/Dashboard on the agent's side. The Dashboard frontend for enabling and disabling will be implemented later.
  * SenseLog can download and reload LogDetector and RuleObject configs. Rules and detector settings will be editable through the BitNinja Dashboard in the future.

 -- bitninja.IO team <packaging@bitninja.io>  Mon, 09 Jul 2018  12:01:50 +0100

bitninja (1.21.0) stable; urgency=low

  * BitNinja SslTerminating module supports HTTP2/h2.
  * BitNinja SslTerminating module's migrations run at module time. This way unseen errors won't interrupt other modules' starting processes.
  * BitNinja SslTerminating module's memory limit can be changed in config.ini. Minimum value is 100 MB, default value is 2 GB.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 19 Jun 2018  13:00:59 +0100

bitninja (1.20.10) stable; urgency=low

  * SslTermination module downloads the latest bitninja-ssl-termination package. SslTermination supports h2.
  The default bind option is h2,http1.1 for HAProxy. It can be changed in the config.ini.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 13 Jun 2018  17:55:03 +0100

bitninja (1.20.9) stable; urgency=low

  * IpFilter HAProxy Access Control Support has been added for HTTPS connections.
  The connection won't be terminated from now on: they will be directed to a different backend instead.

 -- bitninja.IO team <packaging@bitninja.io>  Fri, 08 Jun 2018  11:25:35 +0100

bitninja (1.20.8) stable; urgency=low

  * Changed System module repo fixer to use improved OS detection.
  * SslTerminating module checks if /etc/nginx/nginx.conf is present.

 -- bitninja.IO team <packaging@bitninja.io>  Thu, 31 May 2018  18:04:06 +0100

bitninja (1.20.7) stable; urgency=low

  * OpenSuSE compatible changes have been made.
  * OS detection has been improved for further compatiblity changes.
  * Agent will wait 7 seconds before starting if csf has been found to prevent xtables lock on startup.

 -- bitninja.IO team <packaging@bitninja.io>  Thu, 10 May 2018  20:02:45 +0100

bitninja (1.20.6) stable; urgency=low

  * SslTerminating module's Nginx certficate miner supports ssl on Nginx option.
  * CaptchaHttp now uses proxy's IP address instead of client's in incidents that came from HTTPS.
  * KeyCDN edge servers has been added to whitelist.

 -- bitninja.IO team <packaging@bitninja.io>  Tue, 08 May 2018  18:01:17 +0100

bitninja (1.20.5) stable; urgency=low

  * Fixed WAFManager's 'Waiting for configuration download finish' infinite loop bug.

 -- bitninja.IO team <packaging@bitninja.io>  Fri, 27 Apr 2018  11:50:29 +0100

bitninja (1.20.4) stable; urgency=low

  * CAPTCHA pages use recaptcha.net instead of google.com. This way the CAPTCHA will appear in China too.

 -- bitninja.IO team <packaging@bitninja.io>  Thu, 26 Apr 2018  14:10:42 +0100

bitninja (1.20.3) stable; urgency=low

  * Danish translation has been added to CAPTCHA page.
  * WAF/WAFManager will remove WAF related iptables rules on Agent stop.
  * SslTerminating module now can collect certificates from misconfigured Apache configs too.
  * The value of min_free_kbytes has been increased to the 10% of the server total memory (2GB is the maximum). This will fix page allocation failure on tcp calls.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 18 Apr 2018  16:25:57 +0100

bitninja (1.20.2) stable; urgency=low

  * MalwareDetection First line cleaner has been enabled globally.
  * Permissions are fixed when MalwareDetection restores file from quarantaine.
  * PortHoneypot checks if mysqld is available and it will ignore port 3306.
  * BitNinja Cli collects more log information.

 -- bitninja.IO team <packaging@bitninja.io>  Wed, 11 Apr 2018  18:07:19 +0100

bitninja (1.20.1) stable; urgency=low

      * Improvements in CaptchaHttp successful CAPTCHA redirections. It should fix the missing verify.php issue.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 28 Mar 2018  14:19:23 +0100

bitninja (1.20.0) stable; urgency=low

  * BitNinja-dojo dependency increased to 2.2.0. AhoCorasick PHP extension added. Aho-Corasick multiple string search algorithm is 80 times faster than strpos-foreach.
  * MalwareDetection uses the Aho-Corasick algorithm for Hex detector. Performance is improved by 1000-3000% approximately.
  * First-line PHP injection cleaner experimental detector added to MalwareDetection. This detector will clean the infected file instead of moving it to quarantine. It can be enabled in the config.ini.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 27 Mar 2018  19:23:14 +0100

bitninja (1.19.7) stable; urgency=low

  * MalwareDetection file type witelisting feature has been improved. It means 50% performance improvement.
  * WAFManager log directory creation permission has been fixed. Logrotate will not issue an error about it.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 22 Mar 2018  13:01:12 +0100

bitninja (1.19.6) stable; urgency=low

      * BitNinja-dojo dependency increased to 2.1.0. It's a PHP 7.2.3 interpreter, which supports pthread for further performance improvements.
      * Netfilter conntrack limit dependencies can be changed in /etc/bitninja/IpFilter/config.ini. Not advised.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 19 Mar 2018  14:44:15 +0100

bitninja (1.19.5) stable; urgency=low

  * WAFManager uses DNAT for iptables redirections to support virtual IP addresses.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 08 Mar 2018  17:42:38 +0100

bitninja (1.19.4) stable; urgency=low

  * PHP 7.2 compatible code changes releated to OutboundWAF.
  * WAFManager retries to bind on its port 3 times.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 07 Mar 2018  17:38:34 +0100

    bitninja (1.19.3) stable; urgency=low

      * PortHoneypot excludes cPanel and Plesk service ports.
      * Agent log levels and messages had been corrected. Unused code lines had been removed.
      * PHP 7.2 compatible code changes.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 01 Mar 2018  15:44:33 +0100

    bitninja (1.19.2) stable; urgency=low

      * Greylist and Blacklist enabled for everyone.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 13 Feb 2018  12:42:48 +0100

    bitninja (1.19.1) stable; urgency=low

      * DirectAdmin user counting method improved. Special thanks to Duncan Emanuels for the cooperation.
      * WAFManager HTTPS protection can be enabled through Dashboard - for Alpha testers only.
      * PHP 7.2 compatibility changes made for the upcoming Dojo.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 08 Feb 2018  17:40:09 +0100

    bitninja (1.19.0) stable; urgency=low

      * WAFManager checks bitninja-waf service status every 2 minutes. This will ensure protection is up and running.
      * WAFManager supports HTTPS configuration. New bitninja-waf and downloaded config version were needed.
      * WAFManager automatically updates bitninja-waf to latest release.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 23 Jan 2018  16:56:34 +0100

    bitninja (1.18.14) stable; urgency=low

      * Relative path can be used with CLI.
      * Exclude /home/virtfs from Malware Detection.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 17 Jan 2018  18:41:39 +0100

    bitninja (1.18.13) stable; urgency=low

      * File permission severity increased for SSL termination related folders.
      * CaptchaHttp BIC page is only shown once for HTTPS connections.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 04 Jan 2018  18:21:08 +0100

    bitninja (1.18.12) stable; urgency=low

      * CaptchaHttp misleading incident type corrected when greylisted connections only load CAPTHCA page.
      * SslTerminating error message reduced to info level, when no certificate file available yet for HAProxy.
      * WAFManager start-up error fixes.
      * IpFilter module now asks System module to reactivate other modules, when iptables rules have to be reloaded.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 03 Jan 2018  18:30:12 +0100

    bitninja (1.18.11) stable; urgency=low

      * Applebot added to whitelist.
      * PHP 7 compatibility improvements.
      * WAFManager configuration reload error fixed when the request is taking too long.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 21 Dec 2017  12:47:13 +0100

    bitninja (1.18.10) stable; urgency=low

      * Bugfix: WAFManager won't generate an incident every time the WAF module blocks a request.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 12 Dec 2017  18:09:17 +0100

    bitninja (1.18.9) stable; urgency=low

      * Pingdom added to global whitelist.
      * New CLI option --remove-rules added. It can be used to remove every iptables and ipset added by BitNinja.
      * BitNinja module processes can be started, stopped and restarted from CLI.
      * Translations added to BIC page.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 Dec 2017  16:37:56 +0100

    bitninja (1.18.8) stable; urgency=low

      * pinterest.com added to domain whitelist.
      * Porthoneypot now skips TCP echo (port 7).
      * CaptchaHttp will only generate incidens if ? is present in uri.
      * Almost every BitNinja module can receive enabled, disabled, reload commands.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 22 Nov 2017  15:20:59 +0100

    bitninja (1.18.7) stable; urgency=low

      * Socket files excluded from Malware Detection module configuration.
      * Ssl Terminating and WAF Manager module error logs now saved to mod.ssl_termiting.log and mod.waf_manager.log.
      * Minor bug fixes in Browser Integrity Check and Ssl Terminating module.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 13 Nov 2017  15:39:35 +0100

    bitninja (1.18.6) stable; urgency=low

      * Magento magmi.php and magmi.ini Log Analyzer filter had been disabled.
      * PortHoneypot will not create honeyport on port 43.
      * WAFManager's Audit logging is disabled by default, because it generates too many logs.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 09 Nov 2017  16:30:51 +0100

    bitninja (1.18.5) stable; urgency=low

      * Small fixes in Browser Integrity Check. These will reduce false positive delistings.
      * Loading CAPTCHA page or Browser Integrity Check page will generate 'mistake level' incidents. Ten 'mistake level' incidents count as one 'normal level' incident.
      * Small UI fixes on CAPTCHA page.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 31 Oct 2017  14:44:42 +0100

    bitninja (1.18.4) stable; urgency=low

      * Small fixes in Browser Integrity Check. These will reduce false positive delistings.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 27 Oct 2017  16:32:41 +0100

    bitninja (1.18.3) stable; urgency=low

      * When the IpFilter module starts up, it will remove all rules left in iptables filter table which have the comment: "Rule added by Bitninja".

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 19 Oct 2017  12:08:51 +0100

    bitninja (1.18.2) stable; urgency=low

      * Log rotation added for log files under /var/log/bitninja/WAFManager.
      * Minor bugfixes in Browser Integrity Check.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 18 Oct 2017  16:43:23 +0100

    bitninja (1.18.1) stable; urgency=low

      * Fixed a redirection bug on Browser Integrity Check

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 16 Oct 2017  16:00:25 +0100

    bitninja (1.18.0) stable; urgency=low

      * Added Browser Integrity Check to the CAPTCHA module for greylisted connections on HTTP and HTTPS

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 16 Oct 2017  14:09:40 +0100

    bitninja (1.17.4) stable; urgency=low

      * WAFManager supports ModSecurity v3.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 13 Oct 2017  16:43:06 +0100

    bitninja (1.17.3) stable; urgency=low

      * Small correction in the parsing of nginx configs.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 12 Oct 2017  16:09:16 +0100

    bitninja (1.17.2) stable; urgency=low

      * Cpanel internal users, mailman, clamav users are not counted in non system users number.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 04 Oct 2017  14:10:13 +0100

    bitninja (1.17.1) stable; urgency=low

      * The quarantine functionality in the Malware Detection module is configurable now: it is enabled by default and can be
      disabled in the module's config.ini file. Plus it is now possible to add post-detection, post-quarantine and post-honeypotify scripts.
      * Added prefiltering mechanism for the SenseLog module, which should reduce the CPU usage.
      * WAFManager supports 32 bit operation systems.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 27 Sep 2017  16:49:10 +0100

    bitninja (1.17.0) stable; urgency=low

      * New WAFManager beta module added. This module will replace the current WAF. Currently it can be started through CLI only.
      It will only work in log mode till the beta test is finished.
      * External IPs extracted by dig added to local whitelists, too. This will reduce the number of false positives.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 18 Sep 2017  17:05:19 +0100

    bitninja (1.16.24) stable; urgency=low

      * Successful CAPTCHA solving now removes the last IP from the greylist in the X-FORWARDED-FOR header too,
        if local reverse proxy is used. This will help removing greylisted CDN IPs from the greylist.
      * Multiple config parser bugs fixed in SslTerminating certificate miners.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 Sep 2017  18:50:11 +0100

    bitninja (1.16.23) stable; urgency=low

      * Apache certificate miner uses ServerRoot directive when following relative includes.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 01 Sep 2017  14:12:43 +0100

    bitninja (1.16.22) stable; urgency=low

      * Ssl Terminating certificate miners support Nginx and LiteSpeed.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 28 Aug 2017  13:40:40 +0100

    bitninja (1.16.21) stable; urgency=low

      * Bugfix: IP removal from heimdall-nt-blacklist and heimdall-essetiallist when an IP address is removed from the
        greylist will happen correctly from now on.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 23 Aug 2017  17:46:32 +0100

    bitninja (1.16.20) stable; urgency=low

      * More precise log file filtering has been added to SenseLog module, which will leave unneeded files alone in CPanel's domlogs.
        This will reduce CPU usage on CPanel. Special thanks to Giuseppe Tanzilli for the assistance.
      * SenseLog SQL Injection filter has been enabled, after successful beta testing.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 23 Aug 2017  12:44:04 +0100

    bitninja (1.16.19) stable; urgency=low

      * Bugfix in the IpSetAddIp/IpSetDelIp commands to avoid set size calculation errors.
      * Post-quarantine script execution in MalwareDetection module's Quarantine Manager was fixed.
      * System module will fix the repository automatically, in case a wrong one has been installed before.
      * Bugfix in the SslTerminating module. Package installation problems in case of Centos 7 or Cloud Linux 7 have been fixed.
      * DNS filtering is disabled, until DNS Captcha feature is fully implemented.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 10 Aug 2017  12:25:09 +0100

    bitninja (1.16.18) stable; urgency=low

      * AntiFlood feature is enabled by default for servers with Free license.
      * Agents won't send incidents about an IP after successfully solving the Captcha with the next batch of incident sending.
      * New SQL injection beta pattern was added to SenseLog. It will detect basic SQL injection attempts.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 03 Aug 2017  16:37:06 +0100

     bitninja (1.16.17) stable; urgency=low

      * Reduced tresholds - to 60 secs - to PostfixLogin supervisor to avoid false-positives.
      * Reduced OutboundWAF domain cache to 5 minutes. This will reduce connection errors, when remote server IP address is changed.
      * BitNinja doesn’t wait 10 seconds after start. This reduces startup time.
      * Greylist and blacklist got disabled for servers with Free license.
      * Two Blind SQL injection beta rules were added to SenseLog. These rules will not generate incidents on the Dashboard during the beta test.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 27 Jul 2017  18:40:54 +0100

     bitninja (1.16.16) stable; urgency=low

      * New Api server IPs added to IpFilter's whitelist.
      * Apache Enumeration Filter only checks author enumeration when it's the only parameter. This will reduce false positives made by this filter.
      * DataProvider use static_pcntl_sleep, this way it won't stuck in 'Waiting for IpFilter to load sets' state.
      * SimulatedIpset missing rule checking feature added. This will make SimulatedIpset implementaion more robust.
      * User white and blacklist priority switched. Previous order made some confusions, now user whitelist has the highest priority.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 18 Jul 2017  17:51:35 +0100

     bitninja (1.16.15) stable; urgency=low

      * Inotify logs rotate every hour, for better performance.
      * Comment function added to black/whitelisting via cli. Use it like: bitninjacli --whitelist --add 1.2.3.4 --comment "My comment."

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 10 Jul 2017  15:16:19 +0100

    bitninja (1.16.14-1) stable; urgency=low

      * Built-in inotify log rotation by Logrotate for better management of growing log files.
      * Dutch translation added to the Captcha page.
      * Simulated ipset restoring bug fixed. Country block feature supports simulated ipset from now on.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 07 Jul 2017  17:41:29 +0100

    bitninja (1.16.13) stable; urgency=low

     * New cli command: restore file from quarantine to the original path and with the original owner,
       group and permissions. bitninjacli --restore.
     * MalwareDetection inotifywait counter made more precise. This will prevent inotifywait from start multiple times.
     * Bugfix of IpFilter's iptables rule check function.
     * IpFilter now looking for missing filter table rules too. This will make the agent more compatible
       with some firewall solutions.
     * IpFilter set activation result is monitored, and if it failed for a set it will create an empty set for it,
       and try to reload it every 5 minutes till it's successfully restored.

    -- bitninja.IO team <packaging@bitninja.io>  Fri, 30 Jun 2017  14:58:46 +0100

    bitninja (1.16.12) stable; urgency=low

     * Bitninja won't restart inotifywait process before upgrades. This will reduce Bitninja startup load.

    -- bitninja.IO team <packaging@bitninja.io>  Mon, 26 Jun 2017  12:14:34 +0100

    bitninja (1.16.11) stable; urgency=low

      * When more than one inotifywait processes are running, bitninja will stop the unnecessary ones. This
        will reduce load generated by inotifywait.
      * Null Object iptables, ipset, ip list implementation added to IpFilter. This way missing permissions
        or implementation will not make errors.
      * CaptchaHttp XSS vulnerability fixed.
      * SenseLog's configuration can be reloaded via Cli, like bitninjacli --module=SenseLog --reload
      * New log paths can be added to SenseLog's config.ini in a pattern manner like: /var/apache2/*/*_access.log.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 22 Jun 2017  12:36:31 +0100

    bitninja (1.16.10) stable; urgency=low

      * Exclude MariaDB database and index file format from inotify watching.
      * IpFilter checks if there isn't any ipset implementation available (iptables rules cannot be added).
      * Problem with unparseable year information from log lines by Senselog is fixed.
      * License information can be queried by the Cli. It can be free, trial, ok (means pro license)

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 15 Jun 2017  12:07:55 +0100

     bitninja (1.16.9) stable; urgency=low

      * New User Agent filter added to SenseLog. It will put every request made by specified user agents
            listed in the config.ini on greylist. First enabled agent is: ANTIPIDERSIA
      * Postfix login filter became a mature feature, generating incidents on the Dashboard.
      * Maximum request processing time added for CaptchaHttp.
      * PortHoneypot most scanned port list updated with new ports.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 06 Jun 2017  17:03:59 +0100

    bitninja (1.16.8) stable; urgency=low

      * SenseLog parse year informations correctly from log lines. Reducing SenseLog false positive rate.
      * CaptchaHttp will not send incidents about get requests for favicon.ico. Reducing CaptchaHttp false
            positive rate.
      * CaptchaHttp now sends remote connection's port number too.
      * The SMTP Captcha response text is nicer.
      * Fixed the issue which caused the time zones to be truncated in some cases.
            Thanks for the help for Brad Bell.
      * TalkBack module disabled, because it will be replaced with another solution.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 30 May 2017  17:39:59 +0100

    bitninja (1.16.7) stable; urgency=low

      * MalwareDetection module sends malware infos to Api.
            These informations will be shown on the Dashboard.
      * Some improvements for UserCountCommand. This will be used in further pricing options.
      * Loader gif added to the Captcha form.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 19 May 2017  14:43:26 +0100

    bitninja (1.16.6) stable; urgency=low

      * SystemHealtCmd runs every 3 minutes instead of one.
      * Fixed ipset v4 heimdall-whitelist-net creation error when CIDR prefix is 32.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 16 May 2017  14:33:03 +0100

    bitninja (1.16.5) stable; urgency=low

      * Shogun now checks whitelist-net -s too, if an incident arrived. This way ips won get in
            greylist or temporary blacklist when incident generated from a white listed ip.
      * CaptchaPage no will wait 2 second before forwarding visitors to their destination after
            successfully solving the Captcha. This should help preventing regreylisting after
            solving the Captcha.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 12 May 2017  14:00:20 +0100

    bitninja (1.16.4) stable; urgency=low

      * DataProvider sends servers local user number to API.
            This number will be used in further pricing options.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 04 May 2017  11:18:30 +0100

    bitninja (1.16.3) stable; urgency=low

      * Plesk Log (/var/www/vhosts/system/*/logs/access_log) route added to SenseLog.
      * /var/www route added to MalwareDetection file_path-s.
      * PortHoneypot checks if port is in use before creating a redirection.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 24 Apr 2017  14:12:20 +0100

    bitninja (1.16.2) stable; urgency=low

      * SslTerminating module can be enabled through dashboard.
      * Replaced PHP-serialization in the Web Honeypot module with JSON-based serialization
            due to security reasons. Previous honeypots are not compatible, the module will log
            an error in cases where the data can't be JSON-decoded. The error message contains
            the received data, the old honeypot can be found using this information.
      * OutboundWAF handles symlinks correctly in cwd.
      * You can convert a file to a honeypot through bitninjacli,
            with bitninjacli --webhoneypot --file=/path/to/file.
      * CLI help text updated with new commands.
      * IpFilter greylist restoring for ipsetv6 moved to the module loop.
            This way IpFilter rules are set after the first chunk loaded.
      * Ipset restore nice level now set to 19 for the remaining greylist chunks.
            This can probably decrease Bitninja start up load level.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 18 Apr 2017  09:31:49 +0100

    bitninja (1.16.1) stable; urgency=low

      * OutboundWAF only uses ss, if a malicious request is caught.
            This can solve OutboundWAF high load issue on some servers.
      * OutboundWAF ipc queue number was changed from 516 to 518.
      * Multiple optimization added for SenseLog. Its performance improved with 645%.
      * Multilingual support added to CaptchaSmtp page.
      * ApacheWpXmlrpcSuspiciousUserAgent Filter is now active.
            This rule looks for Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1,
            which is used by a scanner.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 06 Apr 2017  13:44:38 +0100

    bitninja (1.16.0) stable; urgency=low

      * New module: SslTerminating added. This module uses HAProxy to terminate https connections.
            If a greylisted IP tries to connect on https(443 port) the Captcha page will appear.
      *       - Module can be enabled through bitninjacli by adding --module=SslTerminating --enabled to it.
      *       - HAProxy configs could be regenerated by --regenerate.
      *       - HAProxy configs can be reloaded by --reload.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 27 Mar 2017  09:24:23 +0100

    bitninja (1.15.0) stable; urgency=low

      * Fix passing variables on verify page.
      * Prevent displaying double submit button.
      * Update Spanish translation, add Russian translation to Captcha page.
      * Add Greek, Indonesia and Portugal translations to Captcha page.
      * CaptchaHttp socket listen backlog size can be set in config.ini. It's default value is set to 50.
            This number shows how many connection can be waiting for processing at the same time.
            Php default value is 32.
      * * Fixed two bugs that may have caused the refusal of successful CAPTCHAs:
      * * The CAPTCHA page contained two form nodes, one nested into the other.
            While the tested modern browsers parsed the document correctly, some other browsers could have
            parsed it differently and could have sent incorrect or partial data.
      * * On some of the servers, queries to the ReCaptcha2 API failed with the error string "invalid-json".
            This is a known bug in Google's ReCaptcha library (https://github.com/google/recaptcha/issues/103)
            which causes the requests to fail with the default request method.
            To avoid this, we changed the request method.
      * Country block feature: users can put ip ranges from zone files on their user whitelist and user
            blacklist. New removeFile() function to delete the set file and force the client to download the
            new file. Users can select countries on admin.bitninja.io and the ReloadIpsetCommand will be executed
            to reload the ipset and iptables rules.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 22 Mar 2017  14:18:35 +0100

    bitninja (1.14.1) stable; urgency=low

      * Fixed checking missing data in CaptchaHTTP to prevent undefined offset errors.
      * New wp-login filter to prevent false-positives for customers using Wordpress websites.
            Maximum retires for requests without redirect_to and reauth parameters changed to 50 in 30 minutes.
            For requests that contain redirect_to and reauth parameters, the number of maximum retires is
            100 in 30 minutes.
      * More specific Joomla login filter to prevent false-positives.
      * The DataProvider module calculates the count of IPs in each set incrementally, that is, it queries
            the size of the sets and adds or subtracts from this number whenever an IP is added or removed.
            To reduce the inaccuracy of this method, the module will periodically query the size of the whole sets.
      * Local timestamp added to SenseLog incident log lines.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 03 Mar 2017  11:21:51 +0100

    bitninja (1.14.0) stable; urgency=low

      * New feature: Bitninja Agent can handle ip ranges.
      * User white listing and black listing by netmask supported by Agent.
      * Whitelisting bugix added for Simulated ipset. Defult target for whitelist chains set to ACCEPT.
            This means proxy and own rules could be malfunctioning.
            You can use IpFilter post-script-s for solving this issue.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 24 Feb 2017  14:18:39 +0100

    bitninja (1.13.1) stable; urgency=low

      * OutboundWAF incidens send IncidentProcesss and IncidentFiles as array instead of objects.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 22 Feb 2017  09:24:26 +0100

    bitninja (1.13.0) stable; urgency=low

      * OutboundWAF module added. This module monitors all out going HTTP requests, and if anything that its
            given rules match, the module tries to identify the process and the files that the process uses.
      * This module tries to help Administrators to indentify malwares.
      * WAF module had been refactored, to further upgrades should be easier to add.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 20 Feb 2017  10:26:30 +0100

    bitninja (1.12.14) stable; urgency=low

      * CaptchaHttp use Google reCAPTCHA 2.
      * SenseLog only pulls the last 1024 lines from log files instead of 10000.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 10 Feb 2017  15:08:34 +0100

    bitninja (1.12.13) stable; urgency=low

      * Vietnamese and German translation added to capthca page.
      * Domain whitelisted .eset.com, .securityspace.com, .securityspace.net. http://downuptime.net/
            ip added to whitelisted IPs.
      * Warn log added, if any other inofitywait process is running
            when MalwareDetection try to start inotifywait.
      * QuarantineManager will use BlueCmdBuilder instead of BlueExec
            to avoid command injection via the filename.
      * TalkBack now will continue if, 404 error code retrieved from attacker.
      * New test rule added for xmlrpc POST request by suspicious user agent
            (Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1)
      * IpFilter runs post-up scripts. Post-up scripts can be executable placed in IpFilter config directory.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 01 Feb 2017  18:42:45 +0100

    bitninja (1.12.12) stable; urgency=low

      * Fix for CatpchaHttp Url validation. It fixes 500 HTTP errors when loading static contents
            for CatpchaPages.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 17 Jan 2017  19:45:35 +0100

    bitninja (1.12.11) stable; urgency=low

      * Quickfix for CaptchaHttp directory traversal attack protection bug.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 16 Jan 2017  14:24:01 +0100

    bitninja (1.12.10) stable; urgency=low

      * CaptchaChallenge pages now use 403 status code instead of 200. Good bots should notice and leave it.
      * Wordpress wp-login filter treshold increased to 100 attempts.
      * IpsetV6 keeps the downloaded compressed greylist file.
      * CaptchaHttp now more carefully looks for directory traversal attack attempt.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 12 Jan 2017  15:17:13 +0100

    bitninja (1.12.9) stable; urgency=low

      * Made VersionDataProviderCommand more robust.
      * DataProvider won't count the IPs in each set. It will use an initial count and a difference
            updated by the IpFilter using a command.
      * New Api server IPs added to iptables rules to avoid their blacklisting
      * Crash report now only sends the first 100 lines of iptables rules per table.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 04 Jan 2017  18:14:40 +0100

    bitninja (1.12.8) stable; urgency=low

      * API key is always sent to API via POST request.
      * Greylist restoring separated in 10 steps for better performance.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 21 Dec 2016  16:01:13 +0100

    bitninja (1.12.7) stable; urgency=low

      * TwitterBot is now domain-whitelisted.
      * SenseLog nice level can be set in config.ini, now set to 15.
      * MalwareDetection inotify version check fixed. Only supported version 3.14.
      * SimulatedIpset will flush chains over 10000 IPs due to performance problem.
      * SenseLog MysqlLogin and FtpPureftpd filters taken out from test stage.
      * Disabled the pure-ftpd filter by default. Can be reenabled in /etc/bitninja/SenseLog/config.ini.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 20 Dec 2016  15:37:42 +0100

    bitninja (1.12.6) stable; urgency=low

      * IpFilter turn on for everyone.
      * Whitelisting some missing Google mail servers.
      * Whitelisting ebay.com.
      * Bugfix for CaptchaHttp request string pharsing.
      * Bugfix for CaptchaHttp redirection.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 16 Nov 2016  16:40:46 +0100

    bitninja (1.12.5) stable; urgency=low

      * SenseLog supervisors can be disabled in /etc/bitninja/SenseLog/config.ini.
      * CaptchaHttp now checks remote address at connection time.
      * DosDetection LocalIp filter undefined interface address bug fixed.
      * Turkish translation added to CaptchaHttp. Thanks for Egehan D. from Hostinger.com
      * Joomla Brute force detection rule added to SenseLog.
      * New Plesk logroute added to SenseLog.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 04 Nov 2016  17:48:31 +0100

    bitninja (1.12.4) stable; urgency=low

      * AnitFlood Black listing limit decreased to 15 from 30.
      * DosDetection now will not watch local ips.
      * Fix in WAF enabling checking.
      * Users now can override default multilanguage template file
            with /etc/bitninja/CaptchaHttp/www/captcha_challenge_template.html.
      * StartTLS support added to CaptchaSmtp by Robert Campbell. Many thanks for your help with it :).

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 24 Oct 2016  15:58:42 +0100

    bitninja (1.12.3) stable; urgency=low

      * binaryedge.ninja, uptimerobot.com added to domain whitelist.
      * apache2, nginx, lighttpd, mysql should start before BitNinja.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 18 Oct 2016  15:29:10 +0100

    bitninja (1.12.2) stable; urgency=low

      * Native blacklist management refactored.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 27 Sep 2016  11:28:45 +0100

    bitninja (1.12.1) stable; urgency=low

      * Bitninja use segmented blacklist for ipset v4.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 22 Sep 2016  21:18:07 +0100

    bitninja (1.12.0) stable; urgency=low

      * New log rule for Postfix added.
      * Porthoneypot now waits 30 minutes before starting after server restart.
      * Symantec.com is now whitelisted.
      * Nodeping server monitoring is now domain-whitelisted.
      * New incident level newLog added.
      * New Sql injection detector rules added to WAF.
      * Users can define their own WAF rules at /etc/bitninja/WAF/Rules/userRules.php.
      * Users can define their valid requests at /etc/bitninja/WAF/Rules/userValidRequests.php for testing purpose.
      * WAF uses php arrays for rule definition instead of ini format.
      * WAF can be started in logging mode, which is not interfearing with HTTP requests. It can be set in the config.ini.
      * File upload filter added to WAF in order to decrease false positive matches when file upload.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 14 Sep 2016  18:57:49 +0100

    bitninja (1.11.30) stable; urgency=low

      * SenseLog will not analyze logs that were not changed in the last four hours.
      * After removing Bitninja, it will stop Bitninja related inotifywait process(es) on rpm based distros.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 25 Aug 2016  12:12:15 +0100

    bitninja (1.11.29) stable; urgency=low

      * Workaround added for CVE-2016-5696
      * Initial value added for SenseLogs AbstractLogDetector.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 23 Aug 2016  16:07:49 +0100

    bitninja (1.11.28) stable; urgency=low

      * New mysql log detection added to Senselog.
      * Kill MalwareDetection-related inotifywait after removing BitNinja.
      * Error detection added to Porthoneypot CheckUptimeBeforeStart method.
      * Prevent starting inotifywait more times.
      * Fix for ipset V6 restore, when duplicated entries in the lists.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 22 Aug 2016  18:22:48 +0100

    bitninja (1.11.27) stable; urgency=low

      * Minor style fixes on CaptchaHttp page.
      * Changed favicon on CaptchaHttp page.
      * Prevent caching of favicon.
      * Fix module dependencies.
      * Initial value added for IpSetUsageDataProvider first_run attribute.
      * BitninjaCli checks if private IPs try to add to sets.
      * CaptchaSmtp can use different port(s), it can be set in config.ini.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 27 Jul 2016  16:45:32 +0100

    bitninja (1.11.26) stable; urgency=low

      * Greatly reduced the number of unnecessary Api calls
      * Fixed PortHoneypot instant greylist without ip checking bug

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 Jul 2016  18:18:26 +0100

    bitninja (1.11.25) stable; urgency=low

      * BitninjaCli now makes local ipset changes immediately.
      * Default Captcha page has been redesigned.
      * Language switcher added to Captcha page.
      * PortHoneypot waits 10 minutes after Server restart before creating honeypots.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 05 Jul 2016  18:36:47 +0100

    bitninja (1.11.24) stable; urgency=low

      * Fixed ipset V4/V6 list exists localization issue.
      * Fixed DosDetection/PortHoneypot netstat localization issue.
      * Mistake incident level added to Shogun.
      * AntiFlood can handle IPs not yet greylisted.
      * AntiFlood limits can be configured from /etc/bitninja/AntiFood/config.ini
      * CapthcaSmtp verify now produces Mistake level incidents
      * getQueue Api call has been improved significantly.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 20 Jun 2016  18:06:10 +0100

    bitninja (1.11.23) stable; urgency=low

      * MalwareDetection module tries to install inotify-tools if it is not installed yet. Does not enable EPEL repository.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 10 Jun 2016  12:29:15 +0100

    bitninja (1.11.22) stable; urgency=low

      * Fixed: Bitninja failing to restart after API ping timeout error
      * IpFilter temporary blacklist interval is now configurable

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 03 Jun 2016  13:50:47 +0100

    bitninja (1.11.21) stable; urgency=low

      * System Module now restarts parent process if it stops unusually
      * CSF postscript.sh location directory can be changed in IpFilter/config.ini if needed
      * Fix in missing command handling on rpm distributions

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 24 May 2016  11:54:53 +0100

    bitninja (1.11.20) stable; urgency=low

      * Sha1 Removal. See further information about it at https://wiki.debian.org/Teams/Apt/Sha1Removal

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 11 May 2016  19:02:56 +0100

    bitninja (1.11.19) stable; urgency=low

      * Nginx senselog rules added
      * ipset usage dataProvider fix

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 03 May 2016  12:55:04 +0100

    bitninja (1.11.18) stable; urgency=low

      * Negative badbot_count fixed
      * Dos detection notice ipv6 fix
      * Bitninja restarts after update, error fixed
      * Missing License warning looks nicer
      * Socket server socket blind failure

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 02 May 2016  11:04:19 +0100

    bitninja (1.11.17) stable; urgency=low

      * Fixing PortHoneypot bug on proxy detection

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 27 Apr 2016  10:39:13 +0100

    bitninja (1.11.16) stable; urgency=low

      * SenseLog WP enumeration attack detector and Vsftpd filter is now in production mode

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 25 Apr 2016  20:16:58 +0100

    bitninja (1.11.15) stable; urgency=low

      * SenseLog Proftpd filter is now in production mode

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 16 Apr 2016  13:53:05 +0100

    bitninja (1.11.14) stable; urgency=low

      * SenseLog is now able to detect in proftpd, pureftpd, vsftpd logs
      * SenseLog is now able to detect Wordpress enumeration attack

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 13 Apr 2016  19:22:23 +0100

    bitninja (1.11.13) stable; urgency=low

      * SenseLog is now able to detect DirectAdmin logs; thanks for the patch to Antanas

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 01 Apr 2016  13:16:11 +0100

    bitninja (1.11.12) stable; urgency=low

      * Qualys continuous security added to global whitelist
      * New filters for SenseLog module: recommend_site, Magento scanning, e107 attack (test filters)

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 31 Mar 2016  15:25:39 +0100

    bitninja (1.11.11) stable; urgency=low

      * Fixing honeypotify

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 26 Mar 2016  14:39:45 +0100

    bitninja (1.11.10) stable; urgency=low

      * Fix for Centos5 repo to contain bitninjacli in /usr/sbin
      * bitninjacli reloadiptables command will reload ipset if they have been flushed

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 05 Mar 2016  16:42:21 +0100

    bitninja (1.11.9) stable; urgency=low

      * MalwareDetection binary dir.s and BitNinja dir. to exclude list
      * XSS vulnerability fix on Captcha pages
      * NicDataProfider notice fix

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 03 Mar 2016  13:22:43 +0100

    bitninja (1.11.8) stable; urgency=low

      * Disabled CatpchaSmtp, CaptchaHttp, SenseLog modules for free users
      * IPFilter module doesn't download ipset again within 15 minutes

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 19 Feb 2016  18:43:09 +0100

    bitninja (1.11.7) stable; urgency=low

      * Malware detection scan command with more expressive logging

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 17 Feb 2016  22:22:23 +0100

    bitninja (1.11.6) stable; urgency=low

      * Captcha page polish translation; thanks for the patch to Patryk W�?grzynek
      * Malware detection scan command
      * Malware detection increases max_user_watches value automatically

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 17 Feb 2016  11:06:52 +0100

    bitninja (1.11.5) stable; urgency=low

      * Warning added when CaptchaSmtp can't determine delisturl

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 09 Feb 2016  16:30:09 +0100

    bitninja (1.11.4) stable; urgency=low

      * PortHoneypot will not redirect port above 1024 (solution for ftp issue)
      * WAF rulesets now separated from build process
      * Config Added to CaptchaSmtp where mail_captcha_ip can be used in the delisting url

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 08 Feb 2016  17:05:45 +0100

    bitninja (1.11.3) stable; urgency=low

      * Bugfix: MalwareDetection enabling

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 05 Feb 2016  12:12:18 +0100

    bitninja (1.11.2) stable; urgency=low

      * MalwareDetection custom post-quarantine scripts directory with info file

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 04 Feb 2016  22:18:13 +0100

    bitninja (1.11.1) stable; urgency=low

      * Some fixes in MalwareDetection when inotifywait does not exist

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 04 Feb 2016  18:28:20 +0100

    bitninja (1.11.0) stable; urgency=low

      * New module introduced: MalwareDetection. In beta version.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 03 Feb 2016  21:18:44 +0100

    bitninja (1.10.11) stable; urgency=low

      * Target for whitelist or Bitninja redirections can be set in IpFilter config. Default is RETURNA

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 28 Jan 2016  16:09:26 +0100

    bitninja (1.10.10) stable; urgency=low

      * Fix CSF firewall installation detection

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 27 Jan 2016  13:20:14 +0100

    bitninja (1.10.9) stable; urgency=low

      * Fix CSF firewall installation detection

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 26 Jan 2016  15:11:58 +0100

    bitninja (1.10.8) stable; urgency=low

      * Create CSF integration for Bitninja
      * Reload iptables and starting PortHoneypot command option is in BitninjaCli
      * Additional bugfixes

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 26 Jan 2016  12:15:54 +0100

    bitninja (1.10.7) stable; urgency=low

      * Temporarily disabled PortHoneypot
      * Created config file, which allows users to disable modules

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 16 Jan 2016  12:52:16 +0100

    bitninja (1.10.6) stable; urgency=low

      * Slight changes on the honeypot ports. Removed 113, 443 from the list of constant honeypot ports.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 14 Jan 2016  00:07:11 +0100

    bitninja (1.10.5) stable; urgency=low

      * Most vulnerable ports added to default PortHoneypot config

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 13 Jan 2016  20:45:02 +0100

    bitninja (1.10.4) stable; urgency=low

      * Simplyfied IPv4 rules used in iptables
      * AddRediretion command now used for port forwarding

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 13 Jan 2016  12:55:29 +0100

    bitninja (1.10.3) stable; urgency=low

      * Some bug fix for iptables rules in ipsetv4 in AddRedirection command
      * RestoreRedirection method added to IpFilter module
      * CatpchaSmtp, CaptchaHttp, SenseLog modules enabled for free users for two weeks

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 11 Jan 2016  20:43:47 +0100

    bitninja (1.10.2) stable; urgency=low

      * Smaller fixes for PortHoneypot

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 08 Jan 2016  16:54:14 +0100

    bitninja (1.10.1) stable; urgency=low

      * Fixed misconfiguration

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 Jan 2016  19:14:06 +0100

    bitninja (1.10.0) stable; urgency=low

      * PortHoneypot module was added

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 Jan 2016  17:26:01 +0100

    bitninja (1.9.10) stable; urgency=low

      * iptables rules in IpFilter have been simplified
      * The treshold of ApacheWpLoginFilter is decreased to 50 requests in 10 minutes - thank you for the idea for Brad Bell
      * ApacheWpLoginFilter can detect attacks if the query string contains an URI
      * ApacheWpLoginFilter can detect attacks if wp-login.php is in a subdirectory

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 05 Jan 2016  13:24:51 +0100

    bitninja (1.9.9) stable; urgency=low

      * Fixed bug which caused that CaptchaSmtp was unable to determine IPs.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Dec 2015  20:31:55 +0100

    bitninja (1.9.8) stable; urgency=low

      * Incidents from *.hotmail.com will be filtered by the Shogun module

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Dec 2015  16:15:47 +0100

    bitninja (1.9.7) stable; urgency=low

      * CaptchaSmtp bugfix for closed connections
      * CaptchaSmtp hash expiration time increased to 40 hours

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Dec 2015  11:32:44 +0100

    bitninja (1.9.6) stable; urgency=low

      * Fixing Bitninja permissions for CentOS

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 18 Dec 2015  15:33:02 +0100

    bitninja (1.9.5) stable; urgency=low

      * Fix for WAF IpTables rule and WAF can detect Remote Command Execution Vulnerability in Joomla.
      * Permission fix for Bitninja directories.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 17 Dec 2015  13:07:09 +0100

    bitninja (1.9.4) stable; urgency=low

      * Fix for CaptchaSmpt to allow greylisted IPs to access the CAPTCHA page on its port.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 15 Dec 2015  18:24:59 +0100

    bitninja (1.9.3) stable; urgency=low

      * Fixed StartSSL bug and high memory usage in CaptchaSmtp
      * SenseWebHoneypot is now able to recieve data in multiple TCP segments
      * POST data is turncated in SenseWebHoneypot so it can be sent through IPC message queues

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 07 Dec 2015  21:57:07 +0100

    bitninja (1.9.2) stable; urgency=low

      * Temporarily disabling CaptchaSMTP module

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 27 Nov 2015  14:19:24 +0100

    bitninja (1.9.1) stable; urgency=low

      * Fixed bug that may cause reading the original swappiness wrongly

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 26 Nov 2015  13:16:30 +0100

    bitninja (1.9.0) stable; urgency=low

      * Enabled CaptchaSmtp module
      * Fixed bug that caused DataProvider to report incorrect statistics about greylist
      * Removing IPs from the greylist will also remove them from blacklist
      * It is now possible to reject requests on UDP port 53
      * Fixed bug in the self-update script that made BitNinja to restart two times on Debian-based hosts
      * bitninjacli displays help message when no known parameters are used
      * bitninjacli options related to WAF are now beeing displayed
      * Swappiness is now being set to 0 while loading the IP lists

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 25 Nov 2015  21:05:36 +0100

    bitninja (1.8.9) stable; urgency=low

      * Fixed bug in the IpFilter module.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 13 Nov 2015  16:03:20 +0100

    bitninja (1.8.8) stable; urgency=low

      * Fixed bug in the CaptchaSmtp pre-release module.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 11 Nov 2015  17:04:19 +0100

    bitninja (1.8.7) stable; urgency=low

      * Fixed bug that prevented the creation of more than one shared memory blocks on hosts with 32 bit architecture.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 09 Nov 2015  12:25:37 +0100

    bitninja (1.8.6) stable; urgency=low

      * WAF will find IPs of the host and start a server for each of them
      * Refined wp-login SenseLog filter so that it will only recognise requests, as attack attempt is the query string itself contains the pattern
      * Refined abdullkarem SenseLog filter

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 06 Nov 2015  19:27:53 +0100

    bitninja (1.8.5) stable; urgency=low

      * WAF can be turned on or off via bitninjacli

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 02 Nov 2015  21:39:09 +0100

    bitninja (1.8.4) stable; urgency=low

      * Changed WAF patterns to avoid false-positives
      * Updated dependencies

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 02 Nov 2015  14:13:34 +0100

    bitninja (1.8.3) stable; urgency=low

      * WAF can be enabled/disabled from the admin panel
      * IpFilter will reinsert WAF rules on error
      * Fixed bug that caused periodical running methods to run more frequently than needed
      * Increased maximal count of WAF processes to 1000

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 29 Oct 2015  17:50:49 +0100

    bitninja (1.8.2) stable; urgency=low

      * Request string, message headers and body are dumped to the log when WAF sends an incident
      * New enable/disable script with less dependencies
      * IPs from WAF incidents are greylisted locally
      * User configuration file for WAF

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 23 Oct 2015  12:06:31 +0100

    bitninja (1.8.1) stable; urgency=low

      * WAF settings are moved to configuration files from the code
      * Updated package dependencies

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 21 Oct 2015  14:30:23 +0100

    bitninja (1.8.0) stable; urgency=low

      * Added WAF module

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 20 Oct 2015  21:44:44 +0100

    bitninja (1.7.16) stable; urgency=low

      * IpFilter will only try to recreate BitNinja ruleset once in an hour.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 16 Oct 2015  18:32:06 +0100

    bitninja (1.7.15) stable; urgency=low

      * IpFilter module will now recreate BitNinja's iptables ruleset if it is not intact �?? thanks for the report for Alex Amiras
      * Fixed bug in the logging of the messages sent by the running environment

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 16 Oct 2015  16:23:08 +0100

    bitninja (1.7.14) stable; urgency=low

      * Several SenseLog filters were modified to be more adaptable to different log formats
      * Fixed bug in inclusion of user configuration files
      * Added user configuration file for DosDetection module �?? thanks for the request for Emre Ciftci
      * Removed googleusercontent.com from whitelisted domains �?? thanks for the help of Brad Bell
      * Added SenseLog filter for HTTP request that contains the abdullkarem string
      * Fixed bug that caused CaptchaHttp module to send IPC messages to a non-running module
      * Added French CAPTCHA page - thanks for the translation for Miguel, at the Philippines

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 14 Oct 2015  20:57:07 +0100

    bitninja (1.7.13) stable; urgency=low

      * Added signal handlers for SIGHUP and SIGQUIT signals - thanks for the report to Miktos Tsatsakis
      * Fixed bug that prevented startup on Red Hat based distributions if no network was available - thanks for the report to Andrew Shaw
      * Fixed bug that caused the logging of suppressed warnings
      * Reduced AntiFlood temporary blacklisting from 24 hours to 1 hour

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 24 Sep 2015  14:04:25 +0100

    bitninja (1.7.12) stable; urgency=low

      * Added script to Cli module to ease manual greylisting using apache logs
      * Fixed bug that caused SenseLog module to watch rotated virtualmin logs - thanks for the report and the patch to Brad Bell at vaxxine.com

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 07 Sep 2015  20:24:00 +0100

    bitninja (1.7.11) stable; urgency=low

      * Fixed logging bug that occurred when BitNinja failed to connect the API server
      * Added CPanel/WHM login detection to SenseLog module

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 26 Aug 2015  18:21:25 +0100

    bitninja (1.7.10) stable; urgency=low

      * Maximum numbers of retries increased when trying to connect to the BitNinja API
      * CLI module logs to file
      * SenseLog module finds Apache logs placed by Virtualmin

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 25 Aug 2015  11:23:24 +0100

    bitninja (1.7.9) stable; urgency=low

      * PageCaptchaVerify refactors $ips to $soure_ip and fixed a bug, that was initialized as null.
      * SenseWebHoneypot/lib/WebHoneypotServer.php logging level decreased from info to trace down non-harmful requests.
      * TalkBack decreased the amount of logs.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 18 Aug 2015  21:47:32 +0100

    bitninja (1.7.8) stable; urgency=low

      * Bugfix about OpenVZ DoS detection. Thanks for the bug report to Eric Fisher
      * Bugfix about netconsole service blocking bitninja to start when booting. Thanks for the bug report to Paul De Crette

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 18 Aug 2015  00:37:43 +0100

    bitninja (1.7.7) stable; urgency=low

      * IpFilter module now starts with a lower priority (-10) to prevent startup hung
      * and then increase the process priority to -10

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 13 Aug 2015  21:03:46 +0100

    bitninja (1.7.6) stable; urgency=low

      * Minor bugfixes about some notice
      * Api timeout increased from 10 sec to 20 sec

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 13 Aug 2015  18:42:06 +0100

    bitninja (1.7.5) stable; urgency=low

      * Fixed a bug about WebHoneypot (and probably CaptchaHttp) was unable to greylist locally

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 13 Aug 2015  00:39:03 +0100

    bitninja (1.7.4) stable; urgency=low

      * Fixed some minor bugs around IpFilter module.
      * Getting ready for public release.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 12 Aug 2015  00:26:11 +0100

    bitninja (1.7.3) stable; urgency=low

      * Fixed bug that caused improper deactivation of some rules when using simulated ipset
      * Improved log analysis patterns, the SenseLog module can scan customized Apache logs better
      * Fixed bug in SocketServer (used by ProxyFilter and SenseWebHoneypot modules) which caused early termination of some connections
      * ProxyFilter is disabled by default
      * Improved OS detection algorithm
      * Added error checking to the startup algorithm, which makes BitNinja more tolerant to API server errors
      * Include date and time to the logfiles

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 07 Aug 2015  15:17:15 +0100

    bitninja (1.7.2) stable; urgency=low

      * Updated rpm package dependencies
      * IpFilter module removes proxyList rules when stopped
      * Ip set download bug fixed

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 31 Jul 2015  13:51:56 +0100

    bitninja (1.7.1) stable; urgency=low

      * Updated dependencies in the framework.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 29 Jul 2015  14:44:45 +0100

    bitninja (1.7.0) stable; urgency=low

      * ProxyFilter module
      * Simulated ipset for users with incompatible kernel
      * IpFilter module refactored

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 29 Jul 2015  12:09:48 +0100

    bitninja (1.6.3) stable; urgency=low

      * Removed not needed warning messages from observers.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 23 Jul 2015  17:52:32 +0100

    bitninja (1.6.2) stable; urgency=low

      *  Fixed bug in CaptchaHttp module, which was caused by trying to select closed sockets.
      *  DataProvider module can now read NIC data with older versions of the ip command.
      *  Fixed bug in CaptchaHttp that occured during the verification when no parameters were sent.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 20 Jul 2015  15:08:45 +0100

    bitninja (1.6.1) stable; urgency=low

      *  CaptchaHttp indexing bug fix.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 13 Jul 2015  19:10:58 +0100

    bitninja (1.6.0) stable; urgency=low

      *  SenseWebHoneypot greylists IPs locally via Shogun.
      *  SenseWebHoneypot module enabled by default.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 13 Jul 2015  15:25:53 +0100

    bitninja (1.5.8) stable; urgency=low

      *  CaptchaHttp module timeout bug fixed

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 09 Jul 2015  18:52:09 +0100

    bitninja (1.5.7) stable; urgency=low

      *  wp login treshold increased to 50
      *  fixed user whitelisting on Shogun module

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 30 Jun 2015  16:02:46 +0100

    bitninja (1.5.6) stable; urgency=low

      * xmlrpc log analyzer: attack limit inceased to 100 request / 10 minutes.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 22 Jun 2015  00:14:36 +0100

    bitninja (1.5.5) stable; urgency=low

      * Left out from prevoius build:
      *  ApacheNoscript log checking removed
      *  ApacheWpXmlrpc log check added
      *  ApacheGooglemap2 log check added
      *  ApacheParentDenied log check added
      *  EximCTimeout log check added

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 09 Jun 2015  18:26:53 +0100

    bitninja (1.5.4) stable; urgency=low

      *  ApacheNoscript log checking removed
      *  ApacheWpXmlrpc log check added
      *  ApacheGooglemap2 log check added
      *  ApacheParentDenied log check added
      *  EximCTimeout log check added

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 01 Jun 2015  22:56:00 +0100

    bitninja (1.5.3) stable; urgency=low

      *  Further fixes for IPv6 DosDetection bug.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 31 May 2015  19:18:59 +0100

    bitninja (1.5.2) stable; urgency=low

      *  Hotfix for IPv6 DosDetection bug.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 31 May 2015  11:47:22 +0100

    bitninja (1.5.1) stable; urgency=low

      * DosDetection has been refactored. Now supports exceptions for local and remote ports
      *  for remote port 25 the new treshold is 200 connections.
      *  For local 22 port the new treshold is 40 connections.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 29 May 2015  22:05:07 +0100

    bitninja (1.4.18) stable; urgency=low

      * New log analyzer rules (Apache parnet dir denial, Wordpress XmlRpc, Exim logs for connection timeout checks)
      * AntiFlood small logging bug fixes
      * Cli now supports greylist checking

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 27 May 2015  17:29:38 +0100

    bitninja (1.4.17) stable; urgency=low

      * Small fix in linux distributin detection.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 20 May 2015  22:39:26 +0100

    bitninja (1.4.16) stable; urgency=low

      * Changed iptables requirement from 1.4.7 to 1.4.4

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 20 May 2015  18:10:24 +0100

    bitninja (1.4.15) stable; urgency=low

      * Filtering incident flood.
      * 1e100.net domain whitelisted
      * Fix in the Captcha module so the user will be auto-redirected to the address where he/she came from.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 19 May 2015  23:26:51 +0100

    bitninja (1.4.14) stable; urgency=low

      * Further hotfix for SenseLog stability and memory leak.

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 16 May 2015  21:59:18 +0100

    bitninja (1.4.13) stable; urgency=low

      * Further fixes in log detection to avoid module crashes.

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 16 May 2015  14:09:02 +0100

    bitninja (1.4.12) stable; urgency=low

      * Small fix in log detection logging not to flood logs and andmin panel


     -- bitninja.IO team <packaging@bitninja.io>  Sat, 16 May 2015  02:38:10 +0100

    bitninja (1.4.11) stable; urgency=low

      * Check for IpTables rules every 5 minutes and fix them if needed.
      * Small fix in log detection logging not to flood logs and andmin panel
      * Now bitninja client utilizes http cookie-based session in communication with the central server.
      * Small fix not to restart thread so often b/c of api server error.

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 15 May 2015  18:01:03 +0100

    bitninja (1.4.10) stable; urgency=low

      * - Fix for open file descriptor limit.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 14 May 2015  17:18:40 +0100

    bitninja (1.4.9) stable; urgency=low

      * SenseWebHoneypot introduced but switched off at config.php
      * Fixed a bug about greylist disabling
      * Captcha challange page extended with honeypot juice and e-mail honey
      * Log detection now supports cPanel and Plesk apache access and error logs.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 11 May 2015  22:01:09 +0100

    bitninja (1.5.0) stable; urgency=low

      * New sense module has been introduced. Welcome the SenseWebHoneypot module!
      * This module makes it possible to plant honeypot mines into php websites and to send incidnet about abuser IP-s.
      * Currently this module is in beta test phase.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 07 May 2015  19:44:54 +0100

    bitninja (1.4.8) stable; urgency=low

      * Same as before, just to trigger auto-update on servers.

     -- bitninja.IO team <packaging@bitninja.io>  Wed, 06 May 2015  15:52:12 +0100

    bitninja (1.4.7) stable; urgency=low

      * Bugfix release
      * found and fixed bug in the CaptchaHttp google ip auto-whitelist functionality.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 05 May 2015  16:37:50 +0100

    bitninja (1.4.6) stable; urgency=low

      * Bugfix release
      * found and fixed bug in the framework in os detection code.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 05 May 2015  11:29:50 +0100

    bitninja (1.4.5) stable; urgency=low

      * Bugfix release
      * found a bug in the framework that can lead to misbehavoiur in many parts. Bug fixed.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 05 May 2015  01:57:19 +0100

    bitninja (1.4.4) stable; urgency=low

      * Bugfix release
      * www.google.com availability check introduced into the CAPTCHA module
      * 1e100.net removed from domain whitelist
      * major bug found and fixed in the AntiFlood module

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 04 May 2015  14:25:45 +0100

    bitninja (1.4.3) stable; urgency=low

      * Bugfix release
      * removed baidu.com from general domain whitelist b/c of user complaints
      * added protection.outlook.com to domain whitelist
      * 1e100.net added temporarly to the domain whitelist, but it is not
      permanent, will be removed soon. It is necessary to make sure users do not greylist www.google.com, as it is needed for the reCAPTCHA to work.
      * Workaround in progress.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 30 Apr 2015  15:04:14 +0100

    bitninja (1.4.2) stable; urgency=low

      * Bugfix release because google banned some IPs for CAPTCHA checking. Hotfix for this issue.

     -- bitninja.IO team <packaging@bitninja.io>  Thu, 30 Apr 2015  00:28:28 +0100

    bitninja (1.4.1) stable; urgency=low

      * If the outgoing IP of a server is greylisted, it will auto-whitelist itself on the API server.
      * Captcha templates fixed the relative paths
      * Stopped complaints about whitelisted DOS attempts

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 14 Apr 2015  14:30:04 +0100

    bitninja (1.4.0) stable; urgency=low

      * If the outgoing IP of a server is greylisted, it will auto-whitelist itself on the API server.
      * We don't start bitninja on debian after installation.
      * Captcha templates fixed the relative paths
      * Stopped complaints about whitelisted DOS attempts

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 13 Apr 2015  11:54:19 +0100

    bitninja (1.3.7) stable; urgency=low

      * DosDetection TIME_WAIT feature removed.
      * Small bugfix for Cpatcha page.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Mar 2015  22:39:54 +0100

    bitninja (1.3.6) stable; urgency=low

      * Improved deb/rpm detection.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Mar 2015  17:47:53 +0100

    bitninja (1.3.5) stable; urgency=low

      * DOS detection extended to tcp connections in TIME_WAIT state.
      * Bugfix for bitninjacli

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Mar 2015  15:34:15 +0100

    bitninja (1.3.4) stable; urgency=low

      * Bugfix for bitninjacli

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Mar 2015  12:30:53 +0100

    bitninja (1.3.3) stable; urgency=low

      * Orphaned modules processes auto kill upon startup.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 29 Mar 2015  22:54:59 +0100

    bitninja (1.3.2) stable; urgency=low

      * Checking of auto-update

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 28 Mar 2015  13:35:37 +0100

    bitninja (1.3.1) stable; urgency=low

      * BitNinja team pleased to announce the bitninjacli.
      * A command line interface for bitninja dashboard.
      * Usage: bitninjacli --help
      * Available functions are: whitelist|blacklist add|del|check
      *
      * On rpm based systems do a yum cache clean before auto update
      * Updated the contrib files by latest composer versions
      * Removing a greylisted IP now automatically removes it from essential list too.
      *
      * Free version is introduced with it's restrictions.
      * SenseLog extended with a Joomla attack vector detection filter.
      *
      * Fix around timezone settings and php.ini parsing.
      *

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 22 Mar 2015  17:22:46 +0100

    bitninja (1.3.0) stable; urgency=low

      * BitNinja team pleased to announce the bitninjacli.
      * A command line interface for bitninja dashboard.
      * Usage: bitninjacli --help
      * Available functions are: whitelist|blacklist add|del|check
      *
      * On rpm based systems do a yum cache clean before auto-update
      * Updated the contrib files by latest composer versions
      * Removing a greylisted IP now automatically removes it from essential   list too.
      *
      * Free version is introduced with it's restrictions.
      *

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 16 Mar 2015  23:21:39 +0100

    bitninja (1.2.2) stable; urgency=low

      * Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
      * Reduced the log sending frequency to 2 sec.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 03 Feb 2015  15:12:56 +0100

    bitninja (1.2.1) stable; urgency=low

      * Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
      * Reduced the log sending frequency to 2 sec.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 03 Feb 2015  15:12:27 +0100

    bitninja (1.2.0) stable; urgency=low

      * Minor bugfix about an etc file, nedded for specific debian versions�?? auto-update to be complete.
      * Reduced the log sending frequency to 2 sec.

     -- bitninja.IO team <packaging@bitninja.io>  Tue, 20 Jan 2015  17:22:09 +0100

    bitninja (1.1.3) stable; urgency=low

      * unnecessary dependencies were removed

     -- bitninja.IO team <packaging@bitninja.io>  Fri, 16 Jan 2015  15:30:00 +0100
    bitninja (1.1.2) stable; urgency=low

      * Minor bugfix about an etc file nedded for specific debian version auto update to complate.
      * Reduced the log sending frequency to 2 sec.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 12 Jan 2015  22:21:55 +0100

    bitninja (1.1.1) stable; urgency=low

      * Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
      *

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 10 Jan 2015  19:34:00 +0100

    bitninja (1.1.0) stable; urgency=low

      * Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
      *

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 10 Jan 2015  16:28:37 +0100

    bitninja (1.0.2) stable; urgency=low

      * Fixed the way bitninja client sends incidents to the central, it is much more efficient now.
      *

     -- bitninja.IO team <packaging@bitninja.io>  Sat, 10 Jan 2015  16:27:37 +0100

    bitninja (1.0.1) stable; urgency=low

      * Small fix about fuser syntax on Centos, differs from debian.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Dec 2014 16:53:27 +0100

    bitninja (1.0.0) stable; urgency=low

      * SenseLog module (log analysis) is finished and active
      * Auto restart and self-update fixes. (low urgancy)

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 30 Dec 2014 16:53:27 +0100

    bitninja (0.31) stable; urgency=low

      * UDP rejection upon greylisted IPs, except port 53
      * Cached host resolving on whiteists
      * New filter for dos detection for bitninja dns requests.
      * Bugfix to prevent process kills on CloudLinux
      * You can disabe ipset lists using /etc/bitninja/IpFilter/config.ini
      * Bugfixes about Debian6 ipset handling and statistical data sending
      * You can put your customized Captcha pages at /etc/bitninja/CaptcahHttp/www

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Oct 2014 16:53:27 +0100

    bitninja (0.30) stable; urgency=low

      * Fix for ipset path

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Oct 2014 16:53:27 +0100

    bitninja (0.29) stable; urgency=low

      * Some dependency bugs and small bugfixes

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Oct 2014 16:53:27 +0100

    bitninja (0.28) stable; urgency=low

      * Many bugfixes done since last release.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Oct 2014 16:53:27 +0100

    bitninja (0.27) stable; urgency=low

      * Changed package name from heimdall to bitninja
      * New module: TalkBack is introduced to talk back to attacking servers
      * New module: AntFlood blacklist every IP with more than 20 incidents.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 09 Oct 2014 16:53:27 +0100

    bitninja (0.26) stable; urgency=low

      * Minor bugfixes on error handling

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 21 Sep 2014 16:53:27 +0100

    bitninja (0.25) stable; urgency=low

      * Further major fixes about crash reporting. Crash reports now sent with http api.
      * CloudLinuxServer server type.

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 09 Sep 2014 16:53:27 +0100

    bitninja (0.24) stable; urgency=low

      * Major fixes about crash reporting

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 09 Sep 2014 16:53:27 +0100
    bitninja (0.23) stable; urgency=low

      * Rules apply for the filter table too
      * HoneypotHttp module first version implemented.
      * supports web based challenge and delisting for greylisted IPs
      * Logging changed to log files in /var/log/bitninja instead of syslog
      * ipables rules are moved from filter to mangle and nat
      * Improvements about many things

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 02 Sep 2014 16:02:27 +0100
    bitninja (0.22) stable; urgency=low

      * Fixes about the rpm version. Deb version is intact

     -- bitninja.IO team <packaging@bitninja.io>  Mon, 25 Aug 2014 16:02:27 +0100

    bitninja (0.21) stable; urgency=high

      * Small fixes for logging
      * User defined white and blacklists implemented.
      * Fixed to use https for api calls instead of pure http

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 15 Jul 2014 12:02:27 +0200

    bitninja (0.20) stable; urgency=high

      * Migration running refactored

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 15 Jul 2014 12:02:27 +0200

    bitninja (0.19) stable; urgency=high

      * Some major bug fixes mostly around rpm auto update process
      * Some additional bug fixes for new format of bitninja ipsets.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 15 Jul 2014 12:02:27 +0200

    bitninja (0.15) stable; urgency=low

      * Some major bug fixes

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 15 Jul 2014 12:02:27 +0200

    bitninja (0.14) stable; urgency=low

      * Some major fixes
      * Support for older Debian versions (like Debian6)
      * More verbose logging
      * New format of ip sets. Now using bitninja-greylist. Migration made for updates.
      * Syslog log router introduced. BitNinja currently logs every info and higher priority log message
      * Upon starting we check for zombie bitninja processes and kill them (fix for an older bug)

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 11 Jul 2014 12:02:27 +0200

    bitninja (0.13) stable; urgency=low

      * Some minor fixes
      * Nicer logs for IP added and removed from lists
      * Prevention of starting multiple instances of bitninja client on the same machine.
      * Os detection support for older debian releases

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 29 Jun 2014 12:02:27 +0200

    bitninja (0.12) stable; urgency=low

      * patches to work with rpm based systems

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 29 Jun 2014 12:02:27 +0200

    bitninja (0.11) stable; urgency=low

      * php rebuild with newly required modules
      * NIC discovery

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.10) stable; urgency=high

      * Hotfix of config

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.9) stable; urgency=high

      * Beta 1
      * Self-update process fixed.
      * Config files reorganized again. Please remove and reinstall bitninja!

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.8) stable; urgency=low

      * RC 3
      * minor bugfix for config and auto-update

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.7) stable; urgency=low

      * RC 2
      * implementing buffered logging

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.6) unstable; urgency=low

      * /opt/bitninja/php/bin bug fixed.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.5) unstable; urgency=low

      * RC testing package
      * fixed auto-update
      * bitninja-config works and installed to /usr/local/sbin
      * config file license_key read by WorkerHttp
      * ready for tests

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 10 Jun 2014 12:02:27 +0200

    bitninja (0.4) stable; urgency=low

      * Fires release candidate testing package
      * Built against i386 and amd64 architectures
      * Ipset badbot set handling and iptables ruleset handling works great.
      * badbot list initialization and continuous update works.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 09 Jun 2014 21:02:27 +0200

    bitninja (0.3) unstable; urgency=low

      * Created standard init script for installation.
      * bitninja shield works.
      * Initial ipset list downloads automatically. System information sent to bitninjacentral every 2 seconds.
      * Iptables rules set automatically.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 06 Jun 2014 18:02:27 +0200

    bitninja (0.2) unstable; urgency=low

      * First iteration

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 02 Jun 2014 19:30:27 +0200

    bitninja (0.1) unstable; urgency=low

      * Initial Release.

     -- bitninja.IO team <packaging@bitninja.io>  Sun, 18 May 2014 21:20:27 +0200