NINJA BLOG

Marcell Csendes | 2022.08.25. |
Network Attacks - What are they and how can you filter them with BitNinja?

Network Attacks – What are they and how can you filter them with BitNinja?

BitNinja Security Starting Point – A Short Educational Program

Here at BitNinja we think that cyber security should be simple. So, we’ve designed BitNinja to make your life easier. We’ve built features and capabilities that can greatly simplify your work.

Here is a short guide to our product with tips and helpful hints. These educational articles should help you properly utilise BitNinja’s features to grow your company while having a clear understanding of how it works!

1. Network Attacks – What are they and how can you filter them with BitNinja?
2. Malware Detection – Set up, schedule, catch and quarantine with BitNinja
3. WAF- Managing patterns and testing the BitNinja WAF
4. IP filtering – Blacklists, whitelists, greylists and the BitNinja logic

In this first article we will tell you more about:

  1. What are Network Attacks?
  2. How you can filter Network Attacks?

What are Network Attacks?

Network attacks are unauthorized actions on the digital assets within a company’s network. Attacks are on the rise so it is important to keep in mind the most important type of attacks.

How you can filter Network Attacks?

The Network Attacks tab is where you can take a deep dive. Thanks to our unified dashboard, here you will see each attack that happened on all of your servers and all the modules that have been triggered by some type of malicious activity. 

📌 If an IP attacks any of your servers, every other server will be protected against that IP in a matter of seconds.

For example, you can see the label “PORT HITS” any time when someone did try to discover open ports on your server and reached our HoneyPot (fake ports) we set up for them.

We have developed a powerful technique to filter out even more unwanted traffic and grow our IP reputation list – we have historical information about 100,000,000 IP addresses! 

🍯 BitNinja Honeypots trap suspicious connections, so cybercriminals won’t be able to access the valid services on your servers, only the fake ones which are set up to trap them. 100 honeypots are set up by default to capture most attacks. BitNinja will also turn backdoors it discovers into honeypots automatically. Honeypots not only collect information about suspicious IPs, but also automatically block them to prevent further attacks. On an average week, honeypots catch more than 50 million attacks, and the false-positive ratio is only 0,0012%. 

The details you see here are specific to the type of incident that you ran into. For example, you will see the HTTP Header related to incidents that triggered our WAF.

Furthermore, you can also filter for specific incidents:

  • Incident/Attack Types
  • Countries
  • Affected Servers
  • Date Range
  • IP Addresses

📌 Testing the modules to see the incidents is also possible: Testing BitNinja | BitNinja Documentation

BUILD YOUR SECURITY

Start the 7-day free trial with full functionality without spending a cent.

TOP ARTICLES