Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 17 2021 07:41
    @buixor banned @cronlabspl
Thibault "bui" Koechlin
@buixor
@martin.schaible_gitlab if you can share me privately the email used and the machines ID impacted, it would be nice :)
Martin Schaible
@martin.schaible_gitlab
@buixor Hold on for a min :-)
Thibault "bui" Koechlin
@buixor
I PM'ed you ;)
Klaus Agnoletti
@klausagnoletti_twitter
The link I pasted earlier for our new Discord has expired. If you want to join, please use this instead: https://discord.gg/wGN7ShmEE8
CrowdSec
@Crowd_Security_twitter
You asked this in Discord also, right?
1 reply
Just to make sure we don’t answer your question both places.
plikmuny
@plikmuny
hi
i need help in installing cs-firewall-bouncer on Openwrt Rpi4
Arthur
@arthurlutz:matrix.org
[m]
Congrats for the kubernetes demo ! (bravo pour la démo kubernetes )
he2ss
@he2ss
Thanks !
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Can I selfhost the Console?
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Any chance that the discord can be bridged to matrix? I doubt I am the only person who isn't happy to use a propitiatory platform
Klaus Agnoletti
@klausagnoletti_twitter
Hey. No, you can't selfhost the console. It's proprietary and no plans to change that..
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Thats a shame
Klaus Agnoletti
@klausagnoletti_twitter
In terms of Discord we don't have any plans to bridge it with matrix. Is it even possible? And no, you're not the only one who doesn't want to use a proprietary platform for chatting. So far I've heard from one more. So for the time being - unless many more gitter users approach us - I don't think it's worth the effort. But that may change, who knows..
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
A discord matrix bridge is possible, and isn't too hard to setup (depending on what bridge you use) - but understandable if its a not priority
Klaus Agnoletti
@klausagnoletti_twitter
Thanks. I'll take a look at it
Klaus Agnoletti
@klausagnoletti_twitter
The OPNsense port of CrowdSec is finally ready now in a public beta release from https://github.com/crowdsecurity/opnsense-plugin-crowdsec. Get it while it's hot! If you run into problems please ask in #-bsd on our Discord! Let me know if you need the invite link!
Arthur
@arthurlutz:matrix.org
[m]
cscli alerts list | grep community
| 1733 | crowdsec/community-blocklist | update : +4714/-0 IPs             |         |                                | ban:4714  | 2022-01-27 09:27:54 +0100      |
| 1729 | crowdsec/community-blocklist | update : +4681/-0 IPs             |         |                                | ban:29    | 2022-01-27 07:27:54 +0100      |
| 1724 | crowdsec/community-blocklist | update : +4641/-0 IPs             |         |                                | ban:14    | 2022-01-27 05:27:54 +0100      |
does this indicate the number of IPs banned from the community (not attacking "yet" my server) ?
if so what happened today for the number of banned ips to go from a two figure number to a four figure number ?
CrowdSec
@Crowd_Security_twitter
yes :slightly_smiling_face:
Arthur
@arthurlutz:matrix.org
[m]
and the 4714 ip bans from this morning ?
Ricardo
@rmdes
do I need to run a prometheus server to be able to listen to the mydomain:6060/metrics endpoint ?
I have added the graphana dashboard for crowdsec
but i'm getting connection refused when, on the graphana side, I configure the prometheus source data
Ricardo
@rmdes
my graphana instance is not on the server where crowdsec is running just to be precise
blotus
@blotus
yes, you need a prometheus server to scrape the metrics
then add your prometheus server as a datasource in grafana, and the dashboards should work
rick
@rick:rmendes.net
[m]
Alright I see, doc wasn't clear or i misread probably
Thanks
rick
@rick:rmendes.net
[m]
so just to be sure, I should be able to curl mydomain:6060/metrics from the cli and get data right ?
and if I can't, make sure ports are open
right now I can only get curl data using localhost:6060/metrics
if I curl buzzworkers.com:6060/metrics I'm getting connection refused and for my prometheus server, it obviously say my targets are down
tandy
@tandy1000:matrix.org
[m]
i just upgraded crowdsec with apt and im gettting this?
oh the issue was crowdsec wasnt running
mainevent07
@mainevent07
Hello!
Can you help me, how may I get community-blocklist manually? For example, via curl and credentials in online_api_credentials.yaml
Philipp
@Philipp37303217_twitter
Hello people. I just started testing crowdsec. I installed Crowdsec 1.3.0 (no bouncer yet) and used wizard.sh -c to get everything i need (i guess?) i got the packages for e.g. apache. crowdsec is active and running. Now i used nessu for an web app scan on the servers apache. But i dont get any results in the /var/log/crowdsec.log ( following https://crowdsec.net/blog/tutorial-crowdsec-v1-1/ ). Any ressources on what i might do wrong or should do?
he2ss
@he2ss

Hi @Philipp37303217_twitter,

wizard.sh -c will not detect all the services, only the common ones. So depend what services do you need to monitor.
From which network the attacks are performed ? If it's from private network, may be you are not detecting attacks because of default whitelist that is installed.

You can confirm this showing the parsers sudo cscli parsers list

Fouine
@fouine:matrix.underworld.fr
[m]
Hello, is it possible to set http_proxy in crowdsec config?
blotus
@blotus
Hello
Yes you can, see https://docs.crowdsec.net/docs/next/faq/#how-to-set-up-proxy-
You just need to set the correct env vars
1 reply
and FYI, we've moved to discord, you can join our server here https://discord.gg/wGN7ShmEE8
1 reply
Fouine
@fouine:matrix.underworld.fr
[m]
(change your matrix room's topic to redirect users ;). )
Fouine
@fouine:matrix.underworld.fr
[m]
allow crowdsec process to contact crowdesc API and console
but, cscli hub update / upgrade, not
have to add env http_proxy into /etc/profile (at system level) BUT
sudo didn't follow this env :)