Alfi

joined 1 year ago
sorted by: new top controversial old
They work! in c/lemmyshitpost@lemmy.world
They work! in c/lemmyshitpost@lemmy.world
[–] Alfi@lemmy.alfi.casa 8 points 1 year ago* (last edited 1 year ago)

Then you're allowed

They work! in c/lemmyshitpost@lemmy.world
What is a good hobby for a depressed person? in c/asklemmy@lemmy.ml
[–] Alfi@lemmy.alfi.casa 4 points 1 year ago (1 children)

The details look great!

What is a good hobby for a depressed person? in c/asklemmy@lemmy.ml
How do you deal with malicious requests to your servers? in c/selfhosted@lemmy.world
[–] Alfi@lemmy.alfi.casa 3 points 1 year ago* (last edited 1 year ago) (1 children)

Hi,

Reading the thread I decided to give it a go, I went ahead and configured crowdsec. I have a few questions, if I may, here's the setup:

  • I have set up the basic collections/parsers (mainly nginx/linux/sshd/base-http-scenarios/http-cve)
  • I only have two services open on the firewall, https and ssh (no root login, ssh key only)
  • I have set up the firewall bouncer.

If I understand correctly, any attack detected will result in the ip being banned via iptables rule (for a configured duration, by default 4 hours).

  • Is there any added value to run the nginx bouncer on top of that, or any other?
  • cscli hub update/upgrade will fetch new definitions for collections if I undestand correctly. Is there any need to run this regularly, scheduled with let's say a cron job, or does crowdsec do that automatically in the background?
How do you deal with malicious requests to your servers? in c/selfhosted@lemmy.world
[–] Alfi@lemmy.alfi.casa 8 points 1 year ago

sometimes I grab popcorn and "tail -f /var/log/secure"

Lemmy v0.18.1 Release in c/announcements@lemmy.ml
[–] Alfi@lemmy.alfi.casa 7 points 1 year ago

Thanks, awesome!