CrowdSec 1.5 Gains New Features - Exploring Block Lists, Post Exploitation Behavior & More!
Рет қаралды 11,634
Күн бұрынCrowdSec is a service that aims to enhance the security of your Linux server - which it does in a very interesting way. Leveraging the power of the very "crowd" it serves, CrowSec is able to build intelligence that benefits every server that has it installed. This service has been discussed on the channel before, but in this tutorial you'll see some of the new features as of CrowdSec 1.5.
Check out CrowdSec here ➜ www.crowdsec.net
LEARN LINUX TV - YOUR HOME FOR LINUX-RELATED FUN AND LEARNING!
🎓 CROWDSTRIKE CRASH SURVIVOR T-SHIRT
Commemorate the largest outage in history with the latest addition to the LLTV merch shop.
Get yours here ➜ learnlinux.link/crash-shirt
🎓 BRAND NEW UDEMY COURSES AVAILABLE!
Check out my new courses on Udemy and learn something new!
• Getting Started with Ansible ➜ learnlinux.link/ansible
• LPI Linux Essentials Complete Workshop ➜ learnlinux.link/linux-essentials
🐧 SUPPORT LINUX LEARNING!
• Grab some Linux swag ➜ merch.learnlinux.tv
• Become a Channel Member ➜ learnlinux.link/member
• Become a Patron ➜ learnlinux.link/patron
• 5% discount on LPI exam vouchers ➜ learnlinux.link/lpi-voucher
• Check out my latest book ➜ ubuntuserverbook.com
• Grab an awesome Pi-powered KVM ➜ learnlinux.link/tinypilot
• Jay's Gear - Server, Computer and Video Production Stuff ➜ learnlinux.link/amazon
Note: Royalties and/or commission is earned from each of the above links
⏰ TIME CODES
00:00 - Start
01:33 - Tutorial Disclaimer
02:26 - CrowdSec Refresher
05:09 - Exploring New Features in CrowdSec 1.5
06:10 - CrowdSec now supports Additional Blocklists
11:51 - Taking a look at the "Real-Time Decision Management" feature
13:34 - Post Exploitation Behaviors
Full Courses from Learn Linux TV
• Linux Crash Course series ➜ linux.video/cc
• Learn how to exit use tmux ➜ linux.video/tmux
• Learn how to use vim ➜ linux.video/vim
• Bash Scripting Series ➜ linux.video/bash
• Proxmox VE Cluster Full Course ➜ linux.video/pve
• Learn Ansible ➜ linux.video/ansible
🌐 LEARN LINUX TV ON THE WEB
• Main site ➜ www.learnlinux.tv
• Community ➜ community.learnlinux.tv
• Official Github Account ➜ github.com/LearnLinuxTV
• Enterprise Linux Security Podcast ➜ enterpriselinuxsecurity.show
• The Homelab Show Podcast ➜ thehomelab.show
• Jay on Udemy ➜ www.udemy.com/user/jay-lacroix-3
• Jay on Twitter ➜ x.com/JayTheLinuxGuy
• Content Ethics ➜ www.learnlinux.tv/content-ethics
• Request Assistance ➜ www.learnlinux.tv/request-ass...
⚠️ DISCLAIMER
LearnLinuxTV produces technical content that will hopefully be helpful to you and teach you something new. However, this content is provided without any warranty (expressed or implied). LearnLinuxTV is not responsible for any damages that may arise from any use of the content and information that's being provided. The viewer is expected to follow best judgement and to make his/her/their best decisions while working with production or non-production software, systems and hardware.
#CloudComputing #CrowdSec #Devops
@heckyes Жыл бұрын
Great timing, I have a stickynote stuck to my monitor at work "Install Crowdsec?". Also, where do I get that shirt?
@Wayofthelao Жыл бұрын
Great video my dude
@esra_erimez Жыл бұрын
Thanks for the great video regarding the subject matter contained herein. This video contained a lot of content about the topic it covered. I enjoyed learning about what you have taught to me.
@CYBONIX Жыл бұрын
Awesome Video~!!
@philippe_CS Жыл бұрын
Thanks for covering the 1.5. Just one comment here, the blocklist is highly dynamic and filtered by vetted installs of CrowdSec, which passed the 6 months quarantine period and offer enough diversity (AS, ranges, geo, types, scenarios, etc.). So IP are integrated for as long as enough vetted members are reporting it. When this "pressure" goes down, the IP is free and released from the blocklist. For us, adding an IP is as important as removing one when it's cleared by its legitimate owner. That's how (among other mechanisms) we avoid false positives.
@spoonikle 7 ай бұрын
Post exploitation behavior detection is a game changer
@rubensilva6443 Жыл бұрын
great video!
@ivanmaglica264 8 ай бұрын
Love the t-shirt!
@davocc2405 Жыл бұрын
I'm curious about that auditd engine too - reactive/responsive system daemons and tools can move you from constant monitoring to exception management (with occasional inspection of services and system resources). I can see a future where some of these behaviours are logged and an AI engine looks for weird behaviour - I know there's more nefarious versions of this concept (a major US TV network has installed one to monitor employee speech in their network for non-woke speech) but for system management and misadventure (or even accidents/errors) this could prove invaluable.
@philippe_CS Жыл бұрын
that's absolutely the point :)
@truthreigns7 Жыл бұрын
Cool shirt. Good video
@steffenbusch Жыл бұрын
That’s an awesome shirt 🎉
@fabiusdev Жыл бұрын
nice vdeo
@yhojraj 10 ай бұрын
Do the crowdsec Blocklist works if the website is using cloudflare proxy? If it cannot then does it means an IP can attack the website as many time as it wants without any detection or crowdsec will read the access log file and try to ban them again? As I know for wordpress website we can use the crowdsec plugin to ban IP even when using cloudflare proxy but how about other websites in the same server? Let's say nextcloud. Any suggestions would be helpful. Thanks
@donnelllowery4376 Жыл бұрын
I want that shirt
Fabiosa Animated
Рет қаралды 8 МЛН
KiKiDo
Рет қаралды 4,2 МЛН
💀Skeleton Ninja🥷【にんげんっていいなチャンネル】
Рет қаралды 8 МЛН
Learn Linux TV
Рет қаралды 34 М.
Techno Tim
Рет қаралды 85 М.
Rj Mobile 01
Рет қаралды 14 МЛН
Nir Gaming
Рет қаралды 4,8 МЛН