Alle Optionen
bullseye  ] [  bookworm  ] [  sid  ] [  experimental  ]
[ Quellcode: crowdsec  ]

Paket: crowdsec (1.0.9-4)

Links für crowdsec

Screenshot

Debian-Ressourcen:

Quellcode-Paket crowdsec herunterladen:

Betreuer:

Externe Ressourcen:

Ähnliche Pakete:

Experimentelles Paket

Warnung: Dieses Paket stammt aus der Experimental-Distribution. Dies bedeutet, dass es höchstwahrscheinlich instabil oder fehlerhaft ist und sogar Datenverlust verursachen kann. Bitte lesen Sie den Changelog und andere möglicherweise verfügbare Dokumentation, bevor Sie es benutzen.

lightweight and collaborative security engine

CrowdSec is a lightweight security engine, able to detect and remedy aggressive network behavior. It can leverage and also enrich a global community-wide IP reputation database, to help fight online cybersec aggressions in a collaborative manner.

CrowdSec can read many log sources, parse and also enrich them, in order to detect specific scenarios, that usually represent malevolent behavior. Parsers, Enrichers, and Scenarios are YAML files that can be shared and downloaded through a specific Hub, as well as be created or adapted locally.

Detection results are available for CrowdSec, its CLI tools and bouncers via an HTTP API. Triggered scenarios lead to an alert, which often results in a decision (e.g. IP banned for 4 hours) that can be consumed by bouncers (software components enforcing a decision, such as an iptables ban, an nginx lua script, or any custom user script).

The CLI allows users to deploy a Metabase Docker image to provide simple-to-deploy dashboards of ongoing activity. The CrowdSec daemon is also instrumented with Prometheus to provide observability.

CrowdSec can be used against live logs (“à la fail2ban”), but can also work on cold logs to help, in a forensic context, to build an analysis for past events.

On top of that, CrowdSec aims at sharing detection signals amongst all participants, to pre-emptively allow users to block likely attackers. To achieve this, minimal meta-information about the attack is shared with the CrowdSec organization for further retribution.

Users can also decide not to take part into the collective effort via the central API, but to register on a local API instead.

Andere Pakete mit Bezug zu crowdsec

  • hängt ab von
  • empfiehlt
  • schlägt vor
  • erweitert

crowdsec herunterladen

Download für alle verfügbaren Architekturen
Architektur Paketgröße Größe (installiert) Dateien
amd64 9.294,4 kB33.471,0 kB [Liste der Dateien]
arm64 7.972,3 kB32.207,0 kB [Liste der Dateien]
armel 8.107,1 kB31.906,0 kB [Liste der Dateien]
armhf 8.085,3 kB31.794,0 kB [Liste der Dateien]
i386 8.694,9 kB31.788,0 kB [Liste der Dateien]
mipsel 7.350,3 kB35.701,0 kB [Liste der Dateien]
riscv64 (inoffizielle Portierung) 8.434,1 kB33.507,0 kB [Liste der Dateien]
s390x 8.309,4 kB35.075,0 kB [Liste der Dateien]