Detecting and stopping ransomware with CrowdSec
Tutorial

CrowdSec is efficient at blocking ransomware lateral movement, where Windows machines are often involved. In this article, we are going to explore how to configure CrowdSec to detect and stop ransomware from spreading through your internal networks.

Integrating CrowdSec with Kubernetes using TLS
Tutorial

This article gives the steps to install and configure: a Kubernetes cluster, an application to protect, a Traefik ingress object, a CrowdSec bouncer in the form of a Traefik plugin, a CrowdSec LAPI for the whole cluster and an agent for each cluster node.

How to Protect Your Microsoft Exchange 2019 Server with CrowdSec
Tutorial

Follow this step-by-step guide on installing CrowdSec on a Microsoft Exchange server to better protect against common cyberattacks and new threats.

MeshCentral bouncer implementation in NodeJS
Tutorial

In this article, we discuss how we quickly implemented a CrowdSec bouncer into MeshCentral, a NodeJS/ExpressJS application, by using the CrowdSec-provided express-bouncer package on NPM as a starting point.

Suricata vs CrowdSec
Tutorial

See how to combine Suricata and CrowdSec to better secure your assets.

Installing and configuring CrowdSec into Cloudflare
Tutorial

Cloudflare is a CDN (a global network for distributing web content) that provides various services that, among other things, allow you to manage DNS zones, distribute web content, and secure applications and infrastructure. There are several subscription types available. Today I will show what is achievable using Cloudflare’s free plan. CrowdSec is a FOSS security […]

Integrating CrowdSec with Firewall appliances
Tutorial

The majority of modern IT infrastructures already include some form of security appliance. Our users requested some way to integrate CrowdSec at the appliance level, within their pre-existing ecosystem. In this article, we’ll show you how to make it happen, using the new crowdsec-blocklist-mirror component. Overview: Leveraging the firewall’s ability to pull IP blocklists […]

CrowdWall, a tough Firewall for 50€ – Part 3: set up a canary device with CrowdSec
Tutorial

Welcome to the third and final part of our trilogy, where the goal is to inspire you and show you how to create a very efficient firewall to secure your home network or your small business, offering a serious level of security at low cost. The first part focuses on selecting hardware and installing the base […]

DDoS Attack Mitigation using CrowdSec
Tutorial

DDoS attacks are a very popular way for cybercriminals to attack you to hurt you or your business. Depending on which kind of DDoS attack we’re talking about, CrowdSec may be able to help you out.

How to monitor cyber threats on your servers with CrowdSec Console
Tutorial

This article covers CrowdSec Console, a web interface with actionable data to visually explore threats, alerts, and remediation decisions. See how to get started with CrowdSec Console and get an instant overview of any suspicious IP activity on your services.

CrowdWall, a Tough Firewall for 50€ – Part 2: The Software Stack
Tutorial

Welcome to the second part of our trilogy where the goal is to inspire you to create a very efficient firewall to protect your remote work environment, family, or your small business, which offers a serious level of security, at a low cost. Have you not yet read the first part that focuses on selecting […]

CrowdWall: a Tough Firewall for 50€ – Part 1
Tutorial

Welcome to the first part of our trilogy where the goal is to inspire you to create a very efficient firewall to protect your remote work environment, family, or your small business, which offers a serious level of security, at a low cost. This first part will be centered around the basics: choosing hardware and […]

How to mitigate security threats with CrowdSec in Kubernetes using Traefik
Tutorial

Introduction: Previously we published 2 articles, part1 & part2, covering Kubernetes CrowdSec integration with Nginx as an ingress controller. Now we will explain how to integrate CrowdSec in a k8s cluster with Traefik as an ingress controller to increase the level of security. In this article, we’ll set up a k8s cluster locally using Kind […]

How to secure your Raspberry Pi OS with CrowdSec
Tutorial

In this article, I’ll describe how to install the CrowdSec agent and the firewall bouncer directly on Raspberry Pi OS and convert it into a sort of honeypot using endlessh (an ssh tarpit) and a web server whose only purpose is for CrowdSec to detect attacks in its logfiles. Raspberry Pi is a perfect device […]

Install and secure your NextCloud server with CrowdSec
Tutorial

In this tutorial, we will cover installing and securing a Nextcloud instance with the CrowdSec software. Nextcloud is an extensible collaborative drive tool to replace traditional office suites and drives (GSuite and Microsoft 365). The focus is on privacy with an easily self-hosted tool. CrowdSec is a collaborative security solution based on the principle of analysis and the correlation […]

How to secure a Windows server with CrowdSec
Tutorial

This article is a direct translation of Florian Burnel’s work on his blog, IT Connect. The original piece can be found here. If you want to install CrowdSec on a Microsoft Exchange 2019 server, you can find a tutorial also written by Florian Burnel and translated to English, here. I. Introduction: Until today, the CrowdSec agent […]

Protect your Magento 2 site with the new CrowdSec extension
Tutorial

Introduction: Each user who accesses your site is identifiable by an IP address. CrowdSec is an open source tool capable of determining whether this IP is potentially malicious or not. To do so, the CrowdSec agent that you will have installed on your server will analyze different data sources (log files, etc.). According to predefined remediation […]

How to write CrowdSec parsers & scenarios – the Asterisk VoIP use case
Tutorial

Introduction: In this tutorial, we are going to see how we can write a CrowdSec parser to process Asterisk logs and then how to write a CrowdSec scenario to detect common attacks (user enumeration, brute force …) on this service. Requirements: In order to write the CrowdSec parser and scenario, we will need the following: […]

PwnKit: detect privilege escalation with CrowdSec
Tutorial

Qualys just published CVE-2021-4034, which is trivial to exploit and impacts a large variety of distributions and versions. In a nutshell, the vulnerability, also called PwnKit, allows for a local escalation of privilege (LPE), due to an out-of-bounds write, in Polkit’s Pkexec, an alternative to the “sudo” privilege management tool. Pkexec is installed by default […]

Kubernetes CrowdSec Integration – Part 2: Remediation
Tutorial

Introduction: Hello again to the readers who have read the first part of the article about how to integrate CrowdSec with Kubernetes and detect attacks. For the others, welcome to part 2, which will cover the remediation part on Kubernetes and, more precisely, on Nginx Ingress Controller. First, you need to have a ready Kubernetes […]

Protect your Flask applications using CrowdSec
Tutorial

At CrowdSec we want our users to protect themselves regardless of the tech stack they use. The simplest way to do that is to implement threat remediation at the network level, with a firewall bouncer. CrowdSec bouncers can also be set up at the upper levels of an applicative stack: web server, CDN, and in […]