Major New Features
Auto-Pattern Detection
- Automatically identifies common patterns in attack traffic
- Creates and saves new attack signatures
- Optional automatic blocking of newly detected patterns
- Stored in new_detected_methods.json for review
External API Integration
- Send blocked IPs to third-party security services
- Multiple authentication methods (bearer, basic, custom headers)
- Batch processing options
- Customizable request templates
Improved Attack Classification
- Three-tier attack categorization:
  - Pure spoofed IP attacks
  - Valid IP attacks (direct attacks) & (reflection/amplification)
  - Other specialized attacks
- Different mitigation strategies for each category
Performance & Reliability
- Optimized packet capture with process prioritization
- Automatic PCAP file management
- Better memory handling for large traffic volumes
- Improved error recovery during attacks
Configuration Upgrades
Added extensive configuration options in settings.ini:
- Advanced mitigation controls
- Pattern detection sensitivity
- Contributor threshold settings
- External API integration parameters
Usage
Setup and installation remain the same as v1.0.
REMOVE existing configurations!
Upgrade Notes
- Back up your existing settings.ini before upgrading
- Review the new default settings and adjust as needed
- If you have custom attack methods, consider updating to the new format