:: Re: [DNG] comments on "How do you r…
Top Page
Delete this message
Reply to this message
Author: Robert Montante, Ph.D.
Date:  
To: dng
Subject: Re: [DNG] comments on "How do you run crowdsec on daedalus?"
>> I'm running the apache2 webserver on an installation of daedalus rc7,
>> and I really need some protection from all the attacks. It seems that
>> "crowdsec" is being promoted as better than "fail2ban",
> Reference/s?



Nothing very authoritative, just a couple of items like these, in
response to a search for "alternatives to fail2ban":

> · 2 yr. ago
> <https://www.reddit.com/r/linuxadmin/comments/lwbrh0/comment/gpgkidt/?utm_source=reddit&utm_medium=web2x&context=3>
>
>
> Crowdsec is pretty new but is a crowd sourced fail2ban. Also look at
> geoip rules at the firewall level if you have a firewall
>
> · 2 yr. ago
> <https://www.reddit.com/r/linuxadmin/comments/lwbrh0/comment/gpit0vq/?utm_source=reddit&utm_medium=web2x&context=3>
>
>
> Seconding crowdsec, this looks really promising
>

[maybe this is "authoritative", it's from the "crowdsec.net" website]

> Maybe you’ve just heard about CrowdSec – maybe you’ve known of it for
> a while; maybe you’re even using CrowdSec yourself. Whatever the case
> is, chances are that you were introduced to it in the context of
> Fail2Ban explaining why you should consider using CrowdSec as an
> alternative to Fail2Ban.
>

% snip %

> I'm not saying I think fail2ban is better; I'm just saying they do different
> jobs and therefore can't be directly compared.
>
> My final comment is that security in depth is always a good idea, so why not
> run both?



So after a bit more surfing, I'm leaning toward "fail2ban" as the
primary attack-mitigation choice, and "crowdsec" as an
additional/supplementary tool.  So "both" it shall be for me.

--
  Just another sorcerer's apprentice