文章介绍了在Debian 11服务器上安装配置CrowdSec开源安全平台的方法。
CrowdSec是一个开源安全平台,旨在防止黑客和机器人通过IP地址进行网络攻击,这个入侵防御系统受Fail2Ban的启发,用Go语言编写的,本文将介绍下如何在Debian 11服务器上安装配置CrowdSec。
安装依赖
我们需要在Debian 11服务器上安装一些必要的依赖,打开终端,输入以下命令:
sudo apt update sudo apt install -y golang-go git
下载CrowdSec
接下来,我们从GitHub上克隆CrowdSec的源代码:
git clone https://github.com/crowdsec/crowdsec.git cd crowdsec
编译CrowdSec
现在,我们可以使用Go编译器编译CrowdSec,确保已经安装了Go编译器:
go version
如果没有安装Go编译器,可以使用以下命令安装:
sudo apt install -y golang-go
进入CrowdSec目录,运行以下命令编译CrowdSec:
make build-linux-amd64
编译完成后,会在dist目录下生成一个名为crowdsec的可执行文件。
配置CrowdSec
接下来,我们需要配置CrowdSec,创建一个名为config.yaml的配置文件:
touch config.yaml
使用文本编辑器打开config.yaml文件,并添加以下内容:
local_api: true log_level: info observability: false webhooks: false outputs: file,stdout,elasticsearch,prometheus,slack,telegram,matrix,mattermost,influxdb,discord,irc,gnats,hipchat,splunk,enpoint,zendesk,pagerduty,serverdensity,wechatwork,flowdock,netcallid,signalwire,openfaas,webhookurls,webhookgenerictemplates,webhookgenericblocks,webhookemails,webhooksmtptemplates,webhooksmtpblocks,webhooksmstemplates,webhooksmsblocks,webhookteamstemplates,webhookteamsblocks,webhooklinetemplates,webhooklineblocks,webhookcustomtemplates,webhookcustomblocks,webhookgdrivetemplates,webhookgdriveblocks,webhookboxtemplates,webhookboxblocks,webhookconfluencetemplates,webhookconfluenceblocks,webhooktrellotemplates,webhooktrelloblocks,webhookjiratemplates,webhookjirablocks,webhookgithubtemplates,webhookgithubblocks,webhookgitlabtemplates,webhookgitlabblocks,webhookredminetemplates,webhookredmineblocks,webhookprometheustemplates,webhookprometheusblocks,webhookgrafanatemplates,webhookgrafanablocks,webhooklokitemplates,webhooklokiblocks,webhookprometheusalertmanagertemplates,webhookprometheusalertmanagerblocks,webhookprometheusblackboxexportertemplates,webhookprometheusblackboxexporterblocks,webhookprometheusnodeexportertemplates,webhookprometheusnodeexporterblocks,webhookprometheuspushgatewaytemplates,webhookprometheuspushgatewayblocks,webhookprometheuscadvisortemplates,webhookprometheuscadvisorblocks,webhookprometheuscortextemplates,webhookprometheuscortexblocks,webhookprometheusthanostemplates,webhookprometheusthanosblocks,webhookprometheusjaegertemplates,webhookprometheusjaegerblocks,webhookprometheuszipkintemplates,webhookprometheuszipkinblocks Uncomment the following line to enable API key authentication: apikey: YOUR_API_KEY_HERE Uncomment the following line to enable Bearer token authentication: bearertoken: YOUR_BEARER_TOKEN_HERE Uncomment the following line to enable OAuth2 authentication: oauth2: YOUR_OAUTH2_CLIENT_ID YOUR_OAUTH2_CLIENT_SECRET YOUR_OAUTH2_AUTHORIZE_URL YOUR_OAUTH2_TOKEN_URL YOUR_OAUTH2_REDIRECT_URL YOUR_OAUTH2_SCOPES Uncomment the following line to enable JWT authentication: jwt: YOUR_JWT_PUBLIC_KEY YOUR_JWT_PRIVATE_KEY Uncomment the following line to enable GCP Cloud IAM authentication: gcpcloudiam: YOUR_GCP_PROJECT YOUR_GCP_SA JSON YOUR_GCP_KEYRING YOUR_GCP_KEYJSON YOUR_GCP_SERVICEACCOUNTEMAIL YOUR_GCP_BUCKETNAME YOUR_GCP_REGION YOUR_GCP_ZONE YOUR_GCP_CONTAINERNAME YOUR_GCP_OBJECTNAME YOUR_GCP_METHOD YOUR_GCP_POLICYNAME YOUR_GCP_POLICYID YOUR_GCP_POLICYTAGS YOUR_GCP_ROLENAME YOUR_GCP_ROLEID YOUR_GCP_ROLEPOLICYNAMES YOUR_GCP_ROLEPOLICYIDS YOUR_GCP_ROLEPOLICYTAGS YOUR_GCP
原创文章,作者:K-seo,如若转载,请注明出处:https://www.kdun.cn/ask/312910.html
微信扫一扫 
