You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've just skim-read through https://www.flux.utah.edu/paper/singh-nsdi24 (no pay wall, click for the PDF) and it seems like something that would be useful to implement as part of crowdsec.
Why is this needed?
Given the claimed better blocking and lower false positive rates claimed, versus fail2ban, this would probably also improve crowdsec.
Obviously the paper is specifically about SSH, but the general technique should be applicable to any other scenarios where there's source IPs and target usernames (or other unique data being as part of an attempt).
The text was updated successfully, but these errors were encountered:
Check Releases to make sure your agent is on the latest version.
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
@Athanasius: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
/kind feature
/kind enhancement
/kind refactoring
/kind bug
/kind packaging
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
What would you like to be added?
/kind feature
I've just skim-read through https://www.flux.utah.edu/paper/singh-nsdi24 (no pay wall, click for the PDF) and it seems like something that would be useful to implement as part of crowdsec.
Why is this needed?
Given the claimed better blocking and lower false positive rates claimed, versus fail2ban, this would probably also improve crowdsec.
Obviously the paper is specifically about SSH, but the general technique should be applicable to any other scenarios where there's source IPs and target usernames (or other unique data being as part of an attempt).
The text was updated successfully, but these errors were encountered: