How To Setup CrowdSec on Debian
27/03/2023
Information
CrowdSec is an open-source and powerful security tool that protects your infrastructure against cyber attacks and brute-force attempts. In this article, we will guide you through the process of setting up CrowdSec on Debian.
Step 1: Update the System
Before beginning the installation process of CrowdSec, you must first update your Debian system. This will ensure that you have the latest updates and dependencies required by CrowdSec.
To do this, open the terminal and run the following command:
sudo apt update && sudo apt upgrade
Step 2: Install CrowdSec
After updating the system, the next step is to install CrowdSec on the Debian system. You can follow the steps below to install CrowdSec:
Add the CrowdSec repository to your Debian system.
echo "deb https://dl.bintray.com/crowdsec/crowdsec-deb/ buster main" | sudo tee /etc/apt/sources.list.d/crowdsec.list
wget -O /tmp/cs-key.gpg https://bintray.com/user/downloadSubjectPublicKey?username=crowdsec
sudo apt-key add /tmp/cs-key.gpg
sudo apt update && sudo apt install crowdsec
Step 3: Configure CrowdSec
After the installation process, you need to configure CrowdSec before you can use it on your system. You can do this by editing the configuration files located in the /etc/crowdsec directory.
Enable CrowdSec service and start it.
sudo systemctl enable crowdsec && sudo systemctl start crowdsec
sudo systemctl status crowdsec
sudo cscli edit ssh-bf
sudo cscli decisions add whitelist -I <IP-ADDRESS> -s 3600
sudo cscli decisions list -p ssh-bf
Step 4: Test CrowdSec
The final step is to test CrowdSec to ensure that everything is working correctly. You can do this by attempting to log in to your system using a different IP address, which is not in the whitelist.
You should see that your login attempts are blocked, and the IP address is added to the blacklist by CrowdSec.
Conclusion
In summary, CrowdSec is a powerful security tool that protects your infrastructure against cyber attacks and brute-force attempts. By following the simple steps outlined in this article, you can quickly install and configure CrowdSec on your Debian system, helping to improve the security of your network.