InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises. Learn more →
Crowdsec Alternatives
Similar projects and alternatives to crowdsec
-
-
Nginx Proxy Manager
Docker container for managing Nginx proxy hosts with a simple, powerful interface
-
InfluxDB
Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises.
-
-
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
-
docker-swag
Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
-
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
-
SonarLint
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
-
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
-
Mail-in-a-Box
Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
-
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
-
awayto
Awayto is a curated development platform, producing great value with minimal investment. With all the ways there are to reach a solution, it's important to understand the landscape of tools to use.
-
-
-
-
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
-
blocklist-ipsets
ipsets dynamically updated with firehol's update-ipsets.sh script
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
crowdsec reviews and mentions
-
Hardening exposed WireGuard ports
Do I need something like crowdsec, or is WireGuard secure enough on its own?
-
Banning users for certain actions
You could try out https://crowdsec.net. It’s an advanced FOSS framework for detecting a number of different attacks and not limited to just brute force attacks like Fail2Ban as /u/nonself suggests. The basic concept of CrowdSes is that it reads log, detects attacks, mitigates attacks (CrowdSec integrates directly into the Flask application) and shares information about those attacks with everyone else using CrowdSec. Disclaimer: I am head of community at CrowdSec so my opinions may be a little biased :-)
-
How to access Docker containers on home server from public IP?
You need to setup reverse proxy. nginx-proxy-manager, swag. There are also more options like caddy, haproxy etc... You can also setup a VPN and or a service like authelia, fail2ban, crowdsec to restrict access to your site.
-
Crosscompiling CrowdSec on amd64 (Ubuntu 22.04) to arm64 (FriendlyWRT / OpenWRT 22.04)?
Release v1.4.1 · crowdsecurity/crowdsec (github.com)
-
Block traffic from every country except the USA? - Apache2/SSH
Not what you suggested but have you considered https://crowdsec.net? Not just a collaborative and more advanced version of Fail2Ban but in this case you want it because of the collaborative blocklist; we made an article showing that 92% of attacks was blocked in advanced by ip reputation before any attacks were performed. Disclaimer: I am head of community so I might be a bit biased. It’s still a cool FOSS project though :-)
-
Newbie help...docker, portainer, godaddy
You need to look into reverse proxy. Most common one is nginx-proxy-manager which has a nice GUI. There is also SWAG. Both can been configured to get free SSL certificates. For security: authelia, fail2ban, crowdsec. I also suggest to configure wireguard, wg-easy. If you have any questions, we are here. Welcome and good luck!
-
Large scale Internet SSH brute force attacks seem to have stopped here
So in that way everybody using CrowdSec are helping each other out. More information at https://crowdsec.net.
The CrowdSec folks have something similar to that:
https://crowdsec.net/ https://github.com/crowdsecurity/crowdsec
- Security Sanity Check
-
Logging unauthorised attempts
Something like that would be fairly trivial to do with CrowdSec. Currently there’s no support for Wireguard. This would require a log parser and a scenario which describes the two attacks in the article you point to. But, as I said it would be fairly trivial. There’s an existing parser and scenario which detect portscans via kmesg in syslog. So doing the same with Wireguard and dyndbg would be easy enough. Actually I had already been considering making this for Wireguard but I was missing information about which attacks to look for as well as log samples. So I’ll probably give it a go within a week. Would you like to help out by being my guinea pig? That would save me the work of setting up a Wireguard server myself :-)
-
A note from our sponsor - InfluxDB
www.influxdata.com | 2 Feb 2023
Stats
crowdsecurity/crowdsec is an open source project licensed under MIT License which is an OSI approved license.