Crowdsec integration?

Would it make sense to integrate with MIAB?

It monitors for suspicious behaviours and reports them, then in turn other users get the info about malicious IPs.

I’d vote a cautious no.

We’ve already got fail2ban, doing (from our point of view) a similar job. I don’t think it would work with fail2ban, so it would involve removing something that works, to replace it with something similar.

And I’d hesitate to put much effort into integrating a commercial product. They do have a free tier - for the moment … until the company is sold or they change their mind.

I’ve recently looked at which does something similar. Although it is quite simple to integrate with fail2ban, I would suggest that taking part in some kind of crowd sourcing like this should be a conscious decision by the MiaB user and thus not be automatically enabled for everyone.

1 Like

This topic was automatically closed after 61 days. New replies are no longer allowed.