User:N ikcsi07/sandbox

BitNinja
It is a server security software which protects against a wide range of cyberattacks:·


 * CMS ( Content Management System, like Wordpress, Joomla, Drupa) hacks
 * port scans
 * enumeration
 * information leakage
 * SQL injection
 * script injection


 * XSS/ cross site scripting/


 * bruteforce
 * on-site request forgery
 * cross-site request forgery
 * malware infections
 * defacement
 * UI redressing
 * phishing
 * application level DoS attacks
 * spam s

It is an easy to use software that takes only a couple of minutes to install, with a one-line installation code, and after the installation it requires virtually no maintenance. It is a mixture of an on-premise and a cloud-based solution, as the BitNinja itself is an agent which sits on your own infrastructure without the need to redirect your sensitive data. Meaning, it does not act as a third party between the central server and the end user. In the meantime, it communicates with the central server in the cloud. It has a new developement that is called Defence Network, which enables each newly configured BitNinja server to collect all the attack details from the received hacking/cracking attempt and sends it to the central server and to all the other BitNinja enabled servers, which learn the information. This way, the protective shield just gets stronger and stronger with every single attack. It works like an ecosystem.

= Modules =

BitNinja is a modular system, because it has 7 active modules that fight against each stage of a cyberattack, starting from the scanning period until the exploitation, the last phase.
 * Custom honeypot
 * WAF (Web Application Firewall)
 * IP Reputation lists
 * Log Analysis
 * Malware and Virus Detection
 * Server Layer DDoS Mitigation
 * Port Honeypot

Incident Reports
BitNinja sends out automatic incident reports to those server owners from whose server it experiences attacks coming towards BitNinja protected servers. As most of the server owners/administrators are not aware of these malicious acts, this incident report system proves successful and effective. The logs are always sent out masked by hashtags due to security issues and decisions of the clients. One can ask for the unaltered logs from the support team. The logs always include the attacker IP, the date of the attack and the victim server and the target domain. It is important to try to identify the root of the problem if you know how to do it, or ask for professional assistance. The support team also provides those with the unaltered logs who contact them via email.