This is just the 1000 last lines of my nginx log
One crowdsec instance later the scan connections went down to not a lot.
Looks like an interesting service, but expensive
You can selfhost the complete service. Only their Console Is a paid service, should you want or need that.
I’m curious how much those blacklists change over time
That’s from my webserver, green is community, yellow is local.
Oh yeah, that’s pretty standard.
Stuff that’s good:
- fail2ban + AbuseIPDB API
- ssh: + endlessh
- iocaine
Just for reference, my abuseipdb stats.
I’m struggling to find iocaine - what is it?
Odorless, tasteless, and dissolves instantly in liquid and is among the more deadly poisons known to man.
Oops, forgot that its name is literally ripped from a well-known book-thing, so search results won’t be good. So here’s the link: https://iocaine.madhouse-project.org/
- fail2ban + AbuseIPDB API
You can put fail2ban to look for specific keywords and ban them if they keep trying. I did that a while back and my servers are in a much better spot. IP black/block lists also help.
What are you using to view this? Nushell?
