CrowdSec: a collaborative open source security project for Linux

CrowdSec is a new security project designed to protect servers, services, containers or virtual machines exposed to the Internet, using a server-side agent. It was inspired by Fail2Ban and aims to be a collaborative, modernized version of that intrusion-prevention framework.

In a way, it is a descendant of Fail2Ban, a project born sixteen years ago. However, it offers a modern, collaborative approach and its own technical foundations to respond to today's context.

CrowdSec, written in Golang, is an automation engine based on the behaviour and reputation of IP addresses.

The software detects behaviour locally, manages threats, and also collaborates globally with its network of users by sharing the IP addresses it detects.

This allows everyone to block them. The goal is to build a large IP reputation database and to guarantee its free use for those who take part in enriching it.

How does CrowdSec work?

CrowdSec is a modular and pluggable framework. It ships with a wide variety of well-known scenarios; users can choose which scenarios they want to be protected against, and can easily add new custom ones to suit their environment.

The goal is to deploy the software in as many places as possible. Its quick deployment, its compatibility with containers, its usability in cloud environments and its ability to run on UNIX, macOS or in the Windows ecosystem: all of this lets us address the whole market.

Behaviour analysis engine

The first layer of defence. It uses scenarios described in YAML to correlate events. The events enter a leaky bucket, which raises a signal if the bucket overflows. You can then apply the response of your choice through bouncers.
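The leaky-bucket mechanism described above, as an added Go example (not CrowdSec's own code). The Event type, the Detect and Sample functions, and the capacity and leak-speed values are assumptions made for illustration; the IPs are documentation addresses.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// Event is one parsed log line, e.g. a failed login (type assumed for this example).
type Event struct {
	SrcIP string
	At    time.Time
}

// Detect keeps one leaky bucket per source IP, draining one event per leakSpeed.
// An event that lifts the level above capacity overflows it and reports the IP.
func Detect(events []Event, capacity int, leakSpeed time.Duration) []string {
	level := map[string]float64{}
	last := map[string]time.Time{}
	var overflowed []string
	for _, ev := range events {
		ip := ev.SrcIP
		if prev, seen := last[ip]; seen {
			// Leak whatever drained since this IP's previous event.
			drained := ev.At.Sub(prev).Seconds() / leakSpeed.Seconds()
			level[ip] = math.Max(0, level[ip]-drained)
		}
		last[ip] = ev.At
		level[ip]++
		if level[ip] > float64(capacity) {
			overflowed = append(overflowed, ip)
			level[ip] = 0 // start over after raising the signal
		}
	}
	return overflowed
}

// Sample returns constructed events: a 6-second burst and a one-per-minute source.
func Sample() []Event {
	t0 := time.Date(2021, 1, 1, 12, 0, 0, 0, time.UTC)
	var evs []Event
	for i := 0; i < 6; i++ {
		d := time.Duration(i)
		evs = append(evs, Event{"203.0.113.7", t0.Add(d * time.Second)},
			Event{"198.51.100.9", t0.Add(d * time.Minute)})
	}
	return evs
}

func main() { fmt.Println(Detect(Sample(), 5, 10*time.Second)) }
```

With a capacity of 5 and one event drained every 10 seconds, only the burst source overflows; the slow source drains completely between events and never raises a signal.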

Reputation engine

The reputation engine is a very simple principle, but hard to set up. Basically, with each CrowdSec installation you can benefit from a curated IP blocklist, distributed by our central API. If you run LAMP, you don't need the IP addresses that attack other technology stacks such as Windows, for example.

This database is fed by all CrowdSec instances, whose signals are curated by our API. False positives and poisoning attempts by attackers are a real problem, hence the need to process the signals coming from CrowdSec instances.

We think we have a solid recipe for doing this, which we call consensus. It involves various techniques, such as checking signals against other trusted members, our network of decoys (honeypots), canary lists (whitelists of IP addresses), etc.

Our goal is to distribute only 100% reliable lists. Again, determining who is dangerous and when depends heavily on the specific context and time frame. For example, an IP address considered clean yesterday may be compromised today, and its administrators may clean it up the next day. An IP address that scans for SSH is not a danger to your TSE, etc.

Visualization

The software includes a lightweight visualization system based on Metabase. CrowdSec is also instrumented with Prometheus, to provide alerting and observability capabilities.

The reputation engine currently holds more than 103,000 "consensus" IP addresses (those that have passed the poisoning and false-positive tests).

So far, community members come from more than fifty countries spread across six continents.

While the software currently looks like a more robust Fail2Ban, the goal is to use the power of the crowd to build an accurate IP reputation database. When CrowdSec bans a given IP, the triggered scenario and the timestamp are sent to our API to be verified and integrated into the global consensus of bad IPs.

CrowdSec is free and open source (under the MIT license), with the source code available on GitHub. It is currently available for Linux, with ports to macOS and Windows on the roadmap.

Source: https://doc.crowdsec.net/



  1.   CrowdSec says

    Thank you very much for this article! We are at your disposal if you need help using CrowdSec. Have a nice day.

    Iqela leCrowdSec
    info@crowdsec.net
    https://github.com/crowdsecurity/crowdsec