crowdsec online with Winfy

We have hosted the application crowdsec in order to run this application in our online workstations with Wine or directly.

Quick description about crowdsec:

CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network. Crowdsec shouldn't, and didn't crash any production so far we know, but some features might be missing or undergo evolutions. IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors.

Features:

• CrowdSec parses logs to assess the behavior of IP addresses
• Offending IPs are dealt with locally (block, captcha, 2FA, etc.)
• Free & open-source security automation tool
• Local IP behavior detection & a community-powered IP reputation system
• Designed to run seamlessly on servers
• Logs are normalized using GROK pattern

Programming Language: Go.
Categories: