There are a lot of courses out there about offensive security and penetration testing. They are extremely useful. But even if you are a penetration tester, a security consultant, a Linux administrator or a developer, you should also know how to fix your security: how to protect your Linux servers actively (that is, in real time) and reactively. And this is not an easy task, believe me: I hack websites and servers for a living. And at the end of the audit, I have to give a report about how I did it and how to protect against attacks like mine.
So wouldn't it be easier if you could rely on an actively working Web Application Firewall, firewall and Intrusion Prevention System? To have an all-in-one, easily manageable product that knows the attacks and prevents them from being successful?
This course is all about this. It is about protecting your server. You will witness different attacks and you will see a product like this in action. This product is called BitNinja and it is an all-in-one security product for Linux servers. So you can see the attacks, but you will also see how to protect against them.
It's very important to know that BitNinja is a commercial, subscription-based product. However, for this training, you will have an extended free trial so you can test it in your lab environment or even in production.
This is a hands-on training based on demos. So a basic knowledge of Linux would be very useful.
Interested in learning more about the product? Feel free to browse https://bitninja.io
So what topics will we discuss?
- We will start with an overview of a WordPress attack. We will scan a website hosted on WordPress and exploit its vulnerabilities. Furthermore, we will upload a backdoor so we can have remote access to the target server.
- Then we will dig into BitNinja. We will begin by installing and registering the product and see its main features. We will then talk about proactive protection mechanisms such as IP Reputation, Port Honeypots, Web Honeypots, DoS Detection and WAF Modules.
- We will continue with reactive protection mechanisms such as Malware Detection, Outbound WAF and we will see bitninja-cli capabilities.
- Furthermore, we will find the sources of infection and spamming and the source of outbound attacks.
- In the end we will learn about troubleshooting and how to find a troublemaker IP. I think you will enjoy all of this.
How BitNinja Works
- Easy setup: Enjoy immediate protection on your server. BitNinja is designed to install and work with as little human interaction as possible. Run one line of code and your server is protected from 99% of attacks.
- All-in-one protection: BitNinja combines the most powerful server security software in one easy-to-use protection suite. You get full-stack protection against XSS, DDoS, malware, scans, script injection, enumeration, brute force and other automated attacks, on all major protocols, not only HTTP(S).
- Machine learning: Servers protected by BitNinja learn from each attack and inform each other about malicious IPs. The result is a global defense network that counteracts botnet attacks with a shield of protection for all servers running BitNinja, while also reducing the number of false positives each server encounters.
Senior Information Security Consultant
- I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
- Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
- Make recommendations on security weaknesses and report on activities and findings.
- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
- Use testing tools such as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
- Assist with the development of remediation services for identified findings
- Customize, operate, audit, and maintain security related tools and applications
- CEH, ECSA, CHFI from EC-Council
- Cisco CCNA, CCNA Security, Linux Essentials
- CREST Registered Penetration Tester (CRT)
- CHFI (Computer Hacking Forensic Investigator)
- ISO 270001 Lead Auditor
- ECSA (EC-Council Security Analyst)
- CEH (Certified Ethical Hacker)
- CCNA and CCNA Security
- CCNP Routing and CCNP Switching
- Advanced Linux&InfoSEC
- VMWare vSphere Install, Configure, Manage
- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.
- Registration and Installation - Useful Information
- Registration and installation (8:51)
- IP Reputations. IP lists - User vs Global lists. Greylisting, Blacklists, Whitelist (16:57)
- HTTP CAPTCHA (8:35)
- SMTP CAPTCHA (4:27)
- Commands used in SSLTerminating Lecture
- SslTerminating Module (32:12)
- SslTerminating Module - Adding Certs Manually (5:00)