I’m a mouse and I do mouse things. I like cheese.

  • 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: July 4th, 2023

help-circle

  • Hi,

    Reading the thread I decided to give it a go, I went ahead and configured crowdsec. I have a few questions, if I may, here’s the setup:

    • I have set up the basic collections/parsers (mainly nginx/linux/sshd/base-http-scenarios/http-cve)
    • I only have two services open on the firewall, https and ssh (no root login, ssh key only)
    • I have set up the firewall bouncer.

    If I understand correctly, any attack detected will result in the ip being banned via iptables rule (for a configured duration, by default 4 hours).

    • Is there any added value to run the nginx bouncer on top of that, or any other?
    • cscli hub update/upgrade will fetch new definitions for collections if I undestand correctly. Is there any need to run this regularly, scheduled with let’s say a cron job, or does crowdsec do that automatically in the background?



  • Alfi@lemmy.alfi.casatoMemes@lemmy.mlAndroid lemmians
    link
    fedilink
    arrow-up
    26
    ·
    edit-2
    1 year ago

    I went to the playstore, and looked for boost. Although it’s not yet released, it already lists the data that will be collected (quite a lot).

    Meanwhile jerboa states that it collects and shares no data. It has room for improvement, but it’s fully functional and fits my needs for browsing Lemmy.