No video
CrowdSec Absolute Beginners Workshop
Рет қаралды 10,070
Күн бұрынWorkshop Link: killercoda.com...
In this video our support specialist walks you through the absolute beginners workshop! This workshop is simplistic in nature as we wanted to ensure even those within minimal UNIX skills can experience the power of the CrowdSec!
chapters:
00:00 Intro
00:08 Start
02:02 Workshop Start
04:52 Install Agents And Bouncers
08:30 Enable WAL
10:09 Working With Cscli
18:23 Crowdsec Process Cold Logs
21:39 Configuring Nginx Bouncer
27:33 Hacker Mode Engaged
31:20 SSH Attacking
34:11 Nikto Web Scanning
37:14 Console Enrollment
38:16 Walking through the console
44:57 Outro
🇪🇸 If you would prefer to watch this workshop in Spanish, you can using this link: • Curso Completo de Intr...
GET STARTED WITH CROWDSEC:
🎓 CrowdSec Academy - academy.crowds...
💡 CrowdSec Blog - www.crowdsec.n...
📁 CrowdSec Docs - docs.crowdsec....
CONNECT WITH CROWDSEC:
Discord - / discord
Twitter - / crowd_security
GitHub - github.com/cro...
Reddit - / crowdsec
LinkedIn - / crowdsec
ABOUT CROWDSEC:
CrowdSec is an open-source and collaborative intrusion prevention and detection system able to analyze visitor behavior and provide an adapted response to all kinds of attacks. It also leverages crowd power to generate a global IP reputation database to protect the user network. Using a collaborative approach, CrowdSec generates a real-time crowdsourced CTI (Cyber Threat Intelligence Database): when a malicious IP is identified and blocked locally, it is then shared with the community. Visit www.crowdsec.net/ to learn more.
And, if you like what we do, let us know about it with a review on G2: www.g2.com/pro...
@wzot 22 күн бұрын
Great beginners tutorial, and overall great product! Thanks!
@horusofoz 2 ай бұрын
Thank you for taking the time to create this valuable resource.
@crowdsec 2 ай бұрын
My pleasure! - Laurence CrowdSec Support
@infinit3i 2 ай бұрын
This is incredible, I love this! thank you CrowdSec!!
@davidadams421 Жыл бұрын
Very interesting. I liked the fact you went through most things at a high level, which is exactly what an overview should be. Sometimes you just need to know 'what are the boundaries of a thing' to avoid becoming overwhelmed. Great job.
@jamesdim Жыл бұрын
Great tutorial! Thank you! Recommended to anyone starting with crowdsec.
@QuantumByteHub 9 ай бұрын
great video and well explained, thank you
@sujenrios2902 Жыл бұрын
thank you so much
@crowdsec 11 ай бұрын
You're welcome!
@buibui72 Жыл бұрын
awesome content, thanks!
@drmikeyg Жыл бұрын
Thanks, well done.
@robkage 8 ай бұрын
This is awesome. I'm about to deploy servers for a small business and will be deploying crowdsec, Could we ave a Windows set up and config please? So many of us are still stuck in this space. Thanks in advance and what an awesome project guys.
@darrenoshaughnessy3921 Жыл бұрын
Great overview! Much less itimidating than the 1:29:02 version (and you didn't say "PITA" even once ;-)
@tolpacourt 7 ай бұрын
FYI nginx is no longer supported on Ubuntu Jammy 22.04.3 LTS. You need to install openresty (includes nginx core) for a bouncer to work. Or does the 1.5.x version install it for you?
@crowdsec 7 ай бұрын
Nginx lua is not supported by Ubuntu from Jammy onwards. Within the video, we use 20.04, which was still LTS at the time. For package installation, you must use open resty moving forwards. However, if you still want to use nginx, then you must either compile your own or use a third-party repository.
@RedVegas Күн бұрын
Where did you get a crowdsec hoodie from?
@crowdsec Күн бұрын
I got my hoodie from being hired by CrowdSec, we do give them out at events! Also there may be a swag store coming soon that may have it 👀
@Roberto.P 7 ай бұрын
Hi! is there a step by step guide to install CrowdSec on OpenWRT? I tried to install it on my router that uses OpenWRT, but the bouncer doesn't work. Thanks!
@SolaAesir 10 ай бұрын
It would be really nice to get a guide on how to set up the tarpit like you mentioned. Assume SSH, EndlessSSH, and a base Crowdsec are installed, how do you go from there to automatic blocking of attackers against your other services? I know Crowdsec is mostly targeted more at professionals, but as a homelabber I don't mind sharing my logs too much and I'm only running a couple of services so I can be confident anything else is an attack. Give us some quick and easy ways to flag bad actors and you'll get more clean data more quickly. I don't have the energy to dive into the minutia of Crowdsec like it's my job, but give me some quick and easy recipes (i.e. 5-10 minute videos) to capture high quality data and I'll happily set them up, especially if I'm protecting my other services at the same time.
@crowdsec 10 ай бұрын
Yes! and our support specialist has arranged a live stream on KZbin for this topic kzbin.info-l0E0oIo6no If you cannot make it for the time directly because its on KZbin it will automatically be uploaded as a reply.
@NoneYa-gp6qq Жыл бұрын
Im having a hard time finding the info, but I run ssh on a non-standard port. How do I configure the ssh scenarios over the default port and the one I've created?
@crowdsec Жыл бұрын
No need, we read the logs from syslog (or auth.log if your distro does that) and it doesn't matter what port you are running on.
@omargonalfa Жыл бұрын
I installed Crowdsec and Integrated it with Kubernes like your doc explain. Can Crowdsec capture incidents such as container escape? if so how?
@crowdsec Жыл бұрын
We recently added the ability to send K8s audit logs to be parsed by crowdsec docs.crowdsec.net/docs/next/data_sources/kubernetes_audit these logs are needed for CrowdSec to detect such attacks
@apigoterry Жыл бұрын
is there a way to create scenario where it check for multiple 404 errors using https?
@crowdsec Жыл бұрын
Yes, you can take inspiration from the http-bf scenarios hub.crowdsec.net/author/crowdsecurity/configurations/http-generic-bf
@frankkolmann4801 Жыл бұрын
Actually what I have is a Linux phone, a Librem 5, running on PureOS. I understand Crowdsec is designed for Linux servers. I dont have a Linux server. Can Crowdsec be installed on my PureOS phone which is based on Debian.? Actually I managed to install Crowdsec , but failed to install a bouncer as it said PureOS was not supported.
@crowdsec Жыл бұрын
Most likely, it could. However, what services are you running that are exposed to the Internet on your phone?
@SuperJuanRazo 4 ай бұрын
Is it free or paid
@crowdsec 4 ай бұрын
The Security Engine is free to use, we offer a freemium model via app.crowdsec.net/ but you dont have to use the console.
@dbishop9085 Жыл бұрын
why is nginx even being used here? it is not usable out of the box anymore and not discussed at all. this is not beginner level.
@crowdsec Жыл бұрын
Hey Laurence here from the video. Nginx is just an example application which is just the default install from ubuntu which is the default image provided by killercoda. Sorry you feel this is not beginner level, anything in particular you felt was difficult or not explained well from the point of view of Crowdsec.
@dbishop9085 Жыл бұрын
@@crowdsec hey Lawrence, I really liked the video other than nginx as you can't install a your nginx bouncer due to the lua dependencies required are not supported anymore from what I understand. Is there a video or documentation explaining how to address this issue? Getting any answers on discord for the few posts I have made hasn't been super helpful, particularly when trying to set up parent and child agents.
@crowdsec Жыл бұрын
@@dbishop9085 Yes, ubuntu 22.04 dropped support for nginx lua. So it means you would have to use openresty moving forward. This is a decision from the ubuntu team so we cannot force them to support a package. In their owns words "Just use openresty as it's a drop in replacement" I am quite active on the discord are you experiencing any issues?
@dbishop9085 Жыл бұрын
@@crowdsec "are you experiencing any issues? "lol I have plenty of them. I am trying to learn how to effectively use crowdsec with child agents. I have a million little questions, but my main one to stay on point here is, where can I get some information on how to best move to openresty either by replacing nginx or adding a module maybe? I am pretty lost and do realize it has nothing to do with crowdsec - only that using nginx in current videos is somewhat misleading as it isn't mentioned that 22.04 does support nginx lua. Any help for this hurdle would be appreciated. Re: Discord - I have a question open in discord right now that I opened nearly 24 hours ago without any response at all. Thanks again for the reply!
@crowdsec Жыл бұрын
@@dbishop9085 I understand your point about 22.04 but we are not using that version here and to be completely honest its for beginners we dont need to add all little details it will just confuse people. Most of openresty is compatible with nginx as it is nginx under the hood it just comes with lua support out of the box rather than it being a module. Discord is community support its not a service desk so expecting it to be that it is not. From the times you seem to be online I also believe our timezones are rather different we are CET. However, I will continue the conversation on discord
David Bombal
Рет қаралды 162 М.
Techno Tim
Рет қаралды 86 М.
Awesome Open Source
Рет қаралды 59 М.
Home Network Guy
Рет қаралды 8 М.