Dnext

#crowdsec

February 27, 2022 10:43am

I've been using CrowdSec for a few weeks now and it's pretty good, if occasionally a little rough round the edges. I particularly like the console which gives nice visualisations and stats on attack types, countries, ASNs, targets and so on. Dual running with fail2ban, CrowdSec didn't miss any of the usual SSH brute force attempts (in fact it seems to pick up more, out of the box) and the shared community blocklist (currently 11k IPs) is a killer feature.

I haven't turned off fail2ban entirely only because CrowdSec doesn't yet have collections for exim and sendmail - if nobody else adds them I might contribute them myself when time permits. However there's-out-of-the-box setup for lots of other common server apps. The installer does a reasonable job of detecting what's running and configuring it for you on first install, and you can install more collections with a single command.

It's worth remembering to update collections from the hub regularly as new attack detections are periodically added. That's just a couple of commands with cscli, the provided CLI client, which is the main way of seeing what it's doing and configuring it. I've made a few manual tweaks to the config (YAML) to match my setup (log file locations, and ignoring my own IPs for safety) and that's it.

#CrowdSec #fail2ban #sysadmin

CrowdSec, the open-source & collaborative IPS

CrowdSec is an open-source and collaborative IPS leveraging the crowd power. Analyze behaviors, respond to attacks & share signals across the community. Let's make the Internet safer, together.

Mark Lansbury

February 5, 2022 12:51pm

CrowdSec - The open-source & collaborative IPS

The quantity of pre-detected IPs which are identified as aggressive & dangerous has increased dramatically as CrowdSec continues to be put into use by more and more individuals and organisations.

CrowdSec is OpenSource, free and also offers professional services for organisations which feel they need to pay in order for OpenSource to be OK to use.

Collaborative Security

"Our strength comes from our cybersecurity community that is burning cybercriminals’ anonymity. By sharing IP addresses that aggressed you, you help us curate and redistribute a qualified IP blocklist to protect everyone."

https://crowdsec.net/

#security #privacy #WordPress #Drupal #Internet #OpenSource #CrowdSec #server #protection #Fail2Ban

CrowdSec, the open-source & collaborative IPS

CrowdSec is an open-source and collaborative IPS leveraging the crowd power. Analyze behaviors, respond to attacks & share signals across the community. Let's make the Internet safer, together.

Dr. Roy Schestowitz

January 19, 2022 5:37pm

Protect your #PHP website from bots with this open source tool | ⚓ https://opensource.com/article/22/1/php-website-bouncer-crowdsec ䷉ #FreeSW #RedHat #crowdsec

Protect your PHP website from bots with this open source tool

PHP is a widely-used programming language on the web, and it's estimated that nearly 80% of all websites use it. My team at CrowdSec decided that we needed to provide server admins with a PHP bouncer to help ward away bots and bad actors who may...

0 Persons are tagged with #crowdsec

#crowdsec

CrowdSec - The open-source & collaborative IPS