'CrowdSec is a massively multiplayer firewall designed to protect
Linux servers, services, containers, or virtual machines exposed on
the Internet with a server-side agent. It was inspired by Fail2Ban and
aims to be a modernized, collaborative version of that
CrowdSec is free and open-source (under an MIT License), with the
source code available on GitHub. It uses a behavior analysis system to
qualify whether someone is trying to hack you, based on your logs. If
your agent detects such aggression, the offending IP is then dealt
with and sent for curation. If this signal passes the curation
process, the IP is then redistributed to all users sharing a similar
technological profile to 'immunize' them against this IP.
The goal is to leverage the power of the crowd to create a real-time
IP reputation database. As for the IP that aggressed your machine, you
can choose to remedy the threat in any manner you feel appropriate.
Ultimately, CrowdSec leverages the power of the community to create an
extremely accurate IP reputation system that benefits all its users.
It was clear to the founders that Open Source was going to be one of
the main pillars of CrowdSec. The project's founders have been working
on open-source projects for decades — they didn't just jump on the
train. Rather, they are strong Open Source believers. They believe
that the crowd is key to the mass hacking plague we are experiencing,
and that Open Source is the best lever to create a community and have
people contribute their knowledge to the project, ultimately make it
better and more secure.
The solution recently turned 1.x, introducing a major architectural
change: the introduction of a local REST API.'
-- source: https://linux.slashdot.org/story/21/02/27/2215223
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304