Crowdsec - A Modern Replacement for Fail2Ban

2»

Comments

  • @splitice said:
    Considering the number of badly coded scripts reporting to RBLDNS's and abuseipdb I have little faith in any community sourced database.

    An example of this we see alot is the reporting of attack targets because the reporters own IP services being used for reflection or amplification

    I agree. The only way to get a community sourced db without to many false positives is if the project get massive spreading on the scale that thousands of reports of abuse still would not be enough to render a block. If you have millions of installations all over the planet you can pretty easily detect patterns that show the real abusers, while misconfigurations or malevolent abuse simply does not gather enough hits to be noticed.

  • NeoonNeoon OG
    edited November 2020

    Meh, so far it hasn't cached shit.
    Despite the SSH bot attempts.

    Need to adjust stuff.

  • Spicy commits

    I'll try it out and report my findings :smile:

Sign In or Register to comment.