New features for our closed beta outbound Spam detection (Coming to open beta soon!), a new signature type for our malware engine, and WAF stability improvements. All this, and more in the newest BitNinja versions (V3.2.0 and 3.2.1)!
Most systems will automatically update, if you have specific settings or applications preventing automatic updates, you can follow our documentation on how to proceed to have the latest version installed.
Here's what's changed:
Added a brand new signature type: MD5-Clean.
- These signatures can clean the most common malware (even if they are injected!) during phase 1 efficiently. Our already existing malware cleaning signatures (SA-MD5 Snippets) have been cleaning injected malware in Phase 2, however, this new signature type allows you to do this in Phase 1 (the fast scanning phase), decreasing our already low footprint.
The active scan can now be enabled or disabled from the config.
- From now on, you can enable or disable the active scan by using the
enable_active_scan option found in
Added ability to create user-level MD5 and MD5-Clean signatures automatically during Phase 2.
- This allows your system to speed up subsequent Phase 1 scans. This option is disabled by default, to turn it on navigate to the above-mentioned
/etc/bitninja/MalwareDetection/config.ini and change the value of the
create_signatures_during_phase2 config option to 1.
Added support for inotify versions greater than 3.1.4.
- BitNinja now supports higher versions of inotify. Yay!
Added a new config option to our WAF Module to set read timeout for Nginx.
- This new config option called
proxy_read_timeout will now enable you to easily modify Nginx proxy read timeout. By default BitNinja comes with a safe preset, however, on some larger machines, it could help to increase this limit.
Added a whitelist for sender scripts.
- You can set up two different lists: a
path list or
file list. Path is used to define absolute paths which SpamDetection would never flag as a potential spammer script. The file option can be used to define file names (without path) BitNinja should not consider as a spammer script.
Fixed a bug where the connection to our API would not restore in some edgecases.
- In some rare cases, the dispatcher would not reconnect to our API. This has been fixed to ensure smooth communication even after a lost connection.
Fixed an issue that caused some logs to be lost.
- We gave them a flashlight to find their way in the darkness! On a serious note, we have moved their logs under
/var/log/bitninja-dispatcher and they are rotated separately. The current logs are always indicated with
The newest BitNinja versions (V3.2.0 and 3.2.1) introduced a brand new signature type, WAF stability improvements and new features for our closed beta SpamDetection module.
If you'd like to read more about previous release notes, you can 🔎find them here. Alternatively, if you would like to see your feature request show up here, don't forget to cast your🙋♂️Vote.