A startup from Montrouge, France that is founded by philippe humeau.
Community-Driven Threat Intelligence
CrowdSec leverages a collaborative community to share and receive real-time threat intelligence, which helps improve security posture by updating systems with new threat patterns observed worldwide.
Scalability
CrowdSec is designed to work across various environments, including cloud and on-premises infrastructures, and can handle large-scale deployments thanks to its distributed architecture.
Free and Open-Source
As an open-source solution, CrowdSec is free to use, offering transparent access to its code and the ability to customize or extend the software to suit specific needs.
Multi-Layered Defense
CrowdSec provides a multi-layered approach by incorporating various bouncers that can operate at different layers (firewalls, web applications, etc.), offering comprehensive protection against attacks.
Ease of Use
The platform is designed to be user-friendly, with an easy setup process and intuitive dashboards, making it accessible for users with varying levels of technical expertise.
We have collected here some useful links to help you find out if CrowdSec is good.
Check the traffic stats of CrowdSec on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of CrowdSec on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of CrowdSec's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of CrowdSec on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about CrowdSec on Reddit. This can help you find out how popualr the product is and what people think about it.
This tool crowdsec.net is really interesting to mitigate and enact defense systems for different scenarios. Source: about 2 years ago
You should check out https://crowdsec.net. More advanced, uses crowdsources cti to block attacks even before they happen. Also both nginx and captcha is supported. Disclaimer: I am head of community. Visit /r/CrowdSec or our Discord at https://discord.gg/crowdsec if you have questions :-). Source: over 2 years ago
Before falling too much in love with Fail2Ban try taking a look at https://crowdsec.net. Similar functionality but way more advanced (but easier to configure). New project that leverages the power of the crowd and shares information of attacks among users so they help each other out protecting themselves. Source: over 2 years ago
You could try out https://crowdsec.net. It’s an advanced FOSS framework for detecting a number of different attacks and not limited to just brute force attacks like Fail2Ban as /u/nonself suggests. The basic concept of CrowdSes is that it reads log, detects attacks, mitigates attacks (CrowdSec integrates directly into the Flask application) and shares information about those attacks with everyone else using... Source: over 2 years ago
Not what you suggested but have you considered https://crowdsec.net? Not just a collaborative and more advanced version of Fail2Ban but in this case you want it because of the collaborative blocklist; we made an article showing that 92% of attacks was blocked in advanced by ip reputation before any attacks were performed. Disclaimer: I am head of community so I might be a bit biased. It’s still a cool FOSS project... Source: almost 3 years ago
So in that way everybody using CrowdSec are helping each other out. More information at https://crowdsec.net. - Source: Hacker News / almost 3 years ago
The CrowdSec folks have something similar to that: https://crowdsec.net/ https://github.com/crowdsecurity/crowdsec. - Source: Hacker News / almost 3 years ago
You should consider adding CrowdSec to the list of tools. Here's an article on why CrowdSec's not just a Fail2Ban clone. Source: about 3 years ago
Something like that would be fairly trivial to do with CrowdSec. Currently there’s no support for Wireguard. This would require a log parser and a scenario which describes the two attacks in the article you point to. But, as I said it would be fairly trivial. There’s an existing parser and scenario which detect portscans via kmesg in syslog. So doing the same with Wireguard and dyndbg would be easy enough.... Source: about 3 years ago
I'm trying to use CrowdSec (https://crowdsec.net/) to help protect my NAS but I'm unsure how to use Traefik or Nginx Proxy Manager due to DSM using ports 80/443. Is there anything else I can do to replace Synology's built in reverse proxy? Source: about 3 years ago
As u/Puptentjoe mentions, nothing else to do than a vpn if you are the only user. Otherwise reverse proxy and security software. I use Swag and Crowdsec. Source: about 3 years ago
Not directly related to your question but ... Crowdsec is a security software that you can use to get notifications in case of intrusion alerts. Source: about 3 years ago
Maybe crowdsec is an option for you? Works really good for me and was easy to install/configure. Source: about 3 years ago
And for general routing behind Traefik I use Crowdsec Docker for monitoring traffic and blocking it. I did NMAP scan over VPN and I got banned :D Https://crowdsec.net/. Source: about 3 years ago
Go to https://crowdsec.net/ and scroll down the page until you get to "Where to use it" you will see a bunch of icons. Under "Services" there a greyed out pfSense logo icon. Source: about 3 years ago
I use https://crowdsec.net/ and have helped Ukraine. I went from "ipset list crowdsec-blacklists" showing about 3,500 lines to almost 15,000 now. I'm being attacked. Source: over 3 years ago
I'd suggest swag. Includes all you need. Very easy to configure. I'd also add crowdsec for an additional security layer. Source: over 3 years ago
I don't know exaxtly what you mean by a distributed community run firewall but https://crowdsec.net/ collects information (anonymously) on the attacks users see and shares it with all other users after vetting them. So in this way the community helps itself (or each other, if you will). Currently around 800k signals are collected daily and around 19k ips are shared back to users as blocklists. - Source: Hacker News / over 3 years ago
Https://crowdsec.net/ can also do something like that, only more advanced in the attacks it detects and because it's sharing bad ips from users to everyone else. I love that users in this way are watching each other's back. - Source: Hacker News / over 3 years ago
How about using a tool like https://crowdsec.net/ that collects (basic, anonymious) information from users on the attacks they see, vets it and shares it back to all users via blocklists? Currently around 800k signals are collected and there's around 19k vetted bad ips in the blocklist. Sounds more reliable to me. - Source: Hacker News / over 3 years ago
That's one of many reason why https://crowdsec.net/ was created. It collects (anonymized) threat intelligence from all users, vets it and distributes it as relevant blocklists. Once there's enough users it will be a very effective way to fight bad guys. And unlike your suggestion it DOES make a difference. Currently around 800k signals are collected daily and there's around 19k vetted malevolent ips distributed to... - Source: Hacker News / over 3 years ago
Do you know an article comparing CrowdSec to other products?
Suggest a link to a post with product alternatives.
Is CrowdSec good? This is an informative page that will help you find out. Moreover, you can review and discuss CrowdSec here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
